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Welcome  to  IBM  Express  Advantage?*  with  hundreds  of  proven  solutions  designed  for  the 


needs  of  mid-sized  companies.  Whether  on  your  block  or  in  your  area,  our  local  Business  Partners 
are  experienced  in  your  industry  and  market.  From  consultants  and  integrators  to  software  vendors 
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Innovation  made  easy. 
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PUT  MORE  THAN  JUST  TIME  ON  YOUR  SIDE 


When  you  have  a  hardware  or  software  need  at  the  last  hour,  you  can  rely  on  Insight. 

But  you  can  also  count  on  us  for  your  complete,  long-term  systems  solutions — from  planning 
and  design  to  implementation.  Gain  a  trusted  advisor.  Gain  Insight. 


Symantec  Backup  Exec  System  Recovery 
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Symantec. 


System  Recovery  Server  Edition 
-  (v.7.0) 


•  Reduce  Windows  recovery  time 

•  Remotely  restore  unattended 
servers  in  distributed  locations 


Adobe®  Acrobat®  8  Professional  Sony  DRX  S50U  -  DVD  burner 

22020403  DRX-550U 


Adobe 


•  The  essential  PDF  solution 

•  Create,  combine,  and  control 
Adobe  PDF  documents 


•  Easy,  more  secure  distribution, 
collaboration,  and  data  collection 


SONY  •  DVD  multi-burner  for  Windows® 
Vista™/  XP/2000 

•  Equipped  with  the  Nero®  7  Essentials 
software  suite  and  USB  2.0  interface 

•  Read  24x  (CD)  /  8x  (DVD);  Write  24x 
(CD)  /  8x  (DVD  R)  /  4x  (DVD  R  DL) 
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COOLTOOLS 


■  The  LG  L206WU  monitor  can  connect 
to  a  computer  via  USB  cable,  in  addi¬ 
tion  to  VGA  and  DVI-D  ports.  See  Cool 
Tools,  page  28. 
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28  Mark  Gibbs:  Outlook  to  iCal,  but  not 
automatically. 

28  Keith  Shaw:  Use  USB  to  connect 
that  monitor. 
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11  Catch  up  on  the  latest  online  stories, 
blogs,  newsletters  and  video. 
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Serious 

between  Google- 
Viacom,  which  alleges  that  the  former 
cares  insufficiently  about  copyright  pro¬ 
tection.  So  perhaps  the  appearance  of 
these  two  —  Jon  Stewart  and  Stephen 
Colbert —  on  the  witness  stand  will  add 
an  element  of  levity  to  the  proceedings. 
But  if  you  have  to  ask  who  they  are,  you 
won't  find  anything  they  say  amusing. 


Facebook  users  red-faced 

Or  at  least  they  should  be.  Sophos  sent 
200  bogus  "friend”  requests  to  random 
Facebook  users,  and  more  than  a  third 
parted  willingly  with  personal  informa¬ 
tion,  including  an  alarming  number  of 
physical  addresses  and  phone  numbers. 


Boatload  of  bad  batteries 
Nokia  is  offering  to  replace  46  million 
batteries  manufactured  by  Japan’s 
Matsushita  Battery  Industrial  for  use  in 
its  mobile  phones  because  of  a  risk  of 
overheating.  Nokia  said  it  knows  of 
about  100  incidents  but  no  serious 
injuries  or  property  damage. 

P«»LL 

A  snapshot  of  how  networkworld.com 
visitors  voted  on  a  key  networking  issue 
last  week: 

Should  security  companies  pay  third- 
parties  to  discover  vulnerabilities? 


No!  It  violates 
responsible 
disclosure 
practices 

16%  (3  votes) 


1 


Yes!  Pay  hackers  to 
work  for  the  good  guys 


84% 


16  votes) 


Vote  and  discuss:  www.nwdocfinder.com/1258 


VoIP  requires  attention  to  security 

New  ways  to  hack  VoIP  can  cause  pain  but  aren’t  fatal 


BY  TIM  GREENE 

New  exploits  against  VoIP  con¬ 
tinue  to  emerge,  but  experts  say 
these  developments  reveal  the 
need  for  vigilant  security  are  not 
fatal  flaws  to  the  technology 

At  Black  Hat  this  month  re¬ 
searchers  released  hacking  tools 
against  VoIP  signaling  protocols 
H.323  and  AIX  as  well  as  tools  to 
insert  audio  into  VoIP  calls.  At 
Defcon,  a  tool  that  automatically 


probes  the  Session  Initiation  Pro¬ 
tocol  for  vulnerabilities  was  re¬ 
leased  to  enable  the  covert  piggy¬ 
backing  of  data  over  VoIP  streams 
(see  graphic,  below). 

The  problem  lies  not  in  VoIP 
technology  but  in  its  implementa¬ 
tion,  says  Barrie  Dempster,  a 
senior  security  consultant  for 
Next  Generation  Security  Soft- 
ware.“If  you  apply  traditional  net¬ 
work  security  logic  to  VoIP  you 


can  make  it  as  secure  as  any 
other  protocol,”  he  says. 

VoIP  notoriety 

Much  of  the  notoriety  of  VoIP 
vulnerabilities  come  because  the 
technology  is  relatively  new  and 
its  code  wasn’t  necessarily  writ¬ 
ten  with  security  in  mind  —  a 
problem  that  plagues  many  new 
technologies. 

Dempster  cites  ways  to  exploit 


Asterisk,  the  open  source  PBX, 
including  buffer  overflows.  He  says 
this  and  other  weaknesses  can  be 
dealt  with  by  removing  the  code 
for  unused  features  and  perform¬ 
ing  security  audits  on  the  features 
that  are  used. “The  problem  is  not 
the  specific  vulnerabilities  them¬ 
selves.  It’s  the  maturity  of  the  soft¬ 
ware.  There  hasn’t  been  enough 
security  review  yet,”  he  says. 

See  VoIP,  page  22 


More  VoIP  threats 

This  summer’s  security  conferences  yielded  a  new  crop  of  tools  for  exploiting  VoIP  protocols. 


Exploit: 

H.323  attacks 

IAX  attacks 

INTERSTATE  Fuzzer 

RTP  Steganography 

Description: 

These  take  advantage  of 
weaknesses  in  H.323 
authentication,  enable 
endpoint  spoofing  and  a 
variety  DoS  attacks 
triggered  by  UDP  packets. 

These  include  dictionary 
attacks,  man-in-the-middle 
attacks  and  DoS  attacks 
that  can  break  Asterisk 
PBXs. 

A  tool  to  detect  security 
vulnerabilities  in  SIP- 
based  VoIP  phones. 

Creates  covert  channels 
within  real  time  protocol 
that  support  data  transfers. 

l  -  '* ' 

Citrix/XenSource  union  raises  stakes 


Battle  brewing  over 
control  of  virtualization 
software  that  controls 
the  data  center 

BY  JOHN  FONTANA 

Underneath  the  dollar  signs  of  last  week’s 
Citrix  acquisition  of  virtualization  vendor 
XenSource  are  the  shifting  motives  of  a  com¬ 
plex  web  of  vendor  alliances  aiming  to  provide 
corporate  users  with  virtual  environments  and 
the  tools  needed  to  manage  them. 

With  its  $500  million  acquisition  of  Xen¬ 
Source,  Citrix  cemented  the  evolution  of  its 
desktop  tools  via  virtualization  and  established 
its  intent  to  deliver  server  virtualization. 
XenSource,  which  will  operate  as  a  division  of 
Citrix,  now  has  the  capital  and  sales  channel  to 


become  a  serious  corporate  alternative  to 
VMware  for  server  virtualization.  Further,  Micro¬ 
soft  —  partner  to  both  companies  —  may  have 
found  the  alliance  to  bridge  the  gap  between 
its  hypervisor  vaporware  this  year  and  next 
year’s  shipment  of  the  real  deal. 

What  users  will  get  is  a  Citrix  desktop-virtual¬ 
ization  environment  and  options  for  deploying 
and  managing  virtualized  servers  on  Windows. 
They  also  will  see  a  determined  effort  from  the 
Citrix/XenSource/Microsoft  triumvirate  to  pool 
resources  to  battle  VMware,  which  has  85%  of 
the  virtualization  market. 

Corporate  users  will  now  have  a  legitimate 
alternative  to  VMware  if  they  don’t  want  to  wait 
for  Microsoft  to  deliver  its  first-generation 
hypervisor  technology  in  mid-2008. 

In  addition,  Microsoft’s  partnership  with  Xen¬ 
Source  means  users  could  opt  for  the  Citrix/- 
XenSource  hypervisor  now  and  migrate  to  the 
Windows  Server  Virtualization  (WSV)  hypervi¬ 


sor  and  Microsoft’s  management  tools  when 
they  ship. 

Or  they  could  mix  and  match,  moving  to 
WSV  for  their  hypervisor  and  staying  with 
Citrix/XenSource  management  tools. 

XenSource  and  Microsoft  are  already  work¬ 
ing  on  that  kind  of  interoperability,  and  today 
90%  of  XenSource’s  650  customers  run  the 
company’s  technology  on  a  Windows-only 
platform,  according  to  CTO  Simon  Crosby 

See  Citrix,  page  24 


ONLINE:  More  on  the  deal 

Read  XenSource  CEO  Peter  Levine's 
take  on  the  acquisition.  Plus  many 
more  stories  related  to  the  deal. 

www.nwdocfinder.com/1277 
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The  Internet  can't  hide  from 
the  AT&T  LaptopConnect  Card. 


Tired  of  playing  hide  and  seek  with  the  Internet?  Get 
the  AT&T  LaptopConnect  Card  and  easily  access  the 
Internet  at  mobile  broadband  speeds  when  you're  out 
of  the  office,  on  the  road,  away  from  hotspots. 


>  Works  in  165  major  U.S.  markets  and  more  cities 
worldwide  than  any  other  U.S.  carrier. 

>  Send  and  receive  email,  download  large 
attachments,  and  access  corporate  systems 
at  mobile  broadband  speeds. 

>  Enables  secure  laptop  connections  to  AT&T 
BroadbandConnect  and  EDGE  networks. 

>  Fast  and  easy  set  up. 


LaptopConnect  Card 

Sierra  Wireless  AirCard*875 


Get  AT&T's  Global  3G 
LaptopConnect  Card  for  only 

$49" 

with  2-year  service  agreement 
on  DataConnect  plans  $59.99 
or  higher. 


For  more  information,  visit  www.wireless.att.com/laptopconnect  or  go  to  your  nearest  AT&T  store. 

Coverage  not  available  in  all  areas.  Limited-time  offer.  Other  conditions  and  restrictions  apply.  See  contract  and  rate  plan  brochure  for  details.  Subscriber  must  live  and  have  a  mailing  address  within 
AT&Ts  owned  network  coverage  area.  Up  to  $36  activation  fee  applies.  Equipment  price  and  availability  may  vary  by  market  and  may  not  be  available  from  independent  retailers.  Early  Termination  Fee: 
None  if  cancelled  in  the  first  30  days;  thereafter  $175.  Some  agents  impose  additional  fees.  Sales  tax  calculated  based  on  price  of  unactivated  equipment.  Certain  email  systems  may  require  additional 
hardware  and/or  software  to  access.  Service  provided  by  AT&T  Mobility.  ©2007  AT&T  Knowledge  Ventures.  All  rights  reserved.  AT&T  and  the  AT&T  logo  are  trademarks  of  AT&T  Knowledge  Ventures  and/or 
AT&T  affiliated  companies. 
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Don’t  bash  Verizon  too  much 

Re:  “Verizon  vs.  the  Needham  Fire  Depart¬ 
ment”  blog  post  by  Buzzblog 

Mistakes  happen,  and  sometimes  —  as  in 
this  case  —  mistakes  can  be  dangerous. 

I  think  the  Verizon  employee  made  the  right 
decision  to  call  the  FD,  from  what  1  have  read 
about  this  case. 

But  the  statements  from  Verizon  manage¬ 
ment  look  immature 
to  me.  If  we  are  not 
careful,  these  imma¬ 
ture  managers  may 
issue  an  order  that  the 
FD  should  never  be 
called  unless  it  is 
obvious  that  the 
building  is  in  flames. 

And  such  an  order 
could  end  up  with 
people  dying. 

Although  I  under¬ 
stand  there  are  lots 

of  reasons  for  bashing  Verizon,  1  do  not 
think  we  should  do  it  when  the  only  reason 
we  know  about  this  issue  is  because  a 
Verizon  employee  did  the  right  thing  to  be 
sure  that  nobody’s  life  was  put  at  risk. 

Ole  Husgaard 

www.nwdocfinder.com/1263 

Protect  your  images 
if  it’s  such  an  issue 

Re:  “Porn  company  Perfect  10  sues  Micro¬ 
soft”  (www.nwdocfinder.com/1264) 

An  open  letter  to  Perfect  10  ...  If  you  don’t 
want  your  images  to  be  found  by  search 
engines,  don’t  serve  them  up  to  the  bots.  And 
if  I  understand  the  story  correctly,  the  images 
being  indexed  aren’t  even  found  on  your  Web 
site.  Rather  than  shoot  the  messenger  (search 
engines),  shoot  the  owner  of  the  third-party 
site.  But  you  say  they  are  untouchable;  how 
did  they  get  your  content  in  the  first  place? 

The  images  are  out  there,  so  that  sucks.  But 
the  newer  images  you  have  can  still  be  pro¬ 
tected.  There  are  a  lot  of  ways  to  guard  your 
content  from  being  taken.  Suing  the  messen- 
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ger  isn’t  one  of  them. 

I’d  be  happy  to  discuss  ways  to  guard  your 
content  with  you, you  seem  to  have  a  lot  of  dis¬ 
posable  income  for  lawsuits  that  could  be  bet¬ 
ter  spent  elsewhere. 

Ken  Savage 

www.nwdocfinder.com/1265 


**If  you  don’t  want  your 
images  to  be  found  by  search 
engines,  don’t  serve  them  up 
to  the  bots. . . .  There  are  a  lot 
of  ways  to  guard  your 
content.  Suing  the  messenger 
isn’t  one  of  them.55 


SCAN  THIS  CODE 
with  your  cell 
phone  to  get  the 
latest  IT  network 
news  delivered  to 
your  cellular 
device. 
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To  get  the  client 
software,  use  your  phone  browser  to 
visit  wap.connexto.com 

For  more  information  on  code  scanning 
see  www.nww.com/codescan 
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Moore’s  Law 
dead  for  chips 

Re:  “Moore’s  Law 
meltdown  fueling  effi¬ 
ciency,  panelists  say” 
(www.nwdocfinder 
.com/ 1266) 

While  there  are  no 
doubt  many  efficien¬ 
cies  that  can  yet  be 
achieved  at  the  data 
center  architecture 
level,  and  through  vir¬ 
tualization,  etc.,  it  re¬ 
mains  dubious  that  Moore’s  law  is  alive  and 
well  at  the  chip  level.Yes,from  a  transistor  den¬ 
sity  perspective;  no,  from  a  power  efficiency 
perspective. 

Multicore  helped  a  little,  and  while  there 
have  been  some  impressive  new  transistor 
technologies,  there  is  still  a  very  challenging 
set  of  dynamics  with  respect  to  power  effi¬ 
ciency  at  the  chip  level. 

Anyone  who  asserts  that  power  efficiency  is 
alive  and  well  at  the  chip  level  should  produce 
a  chart  that  maps  transistor  density  improve¬ 
ments  along  side  power  efficiency  improve¬ 
ments  to  make  the  argument  credible. 

Mark  Seery 

www.nwdocfinder.com/1267 

PBX  Replacement  by 
Microsoft 

Re:  the  “Microsoft  Unified  Communica¬ 
tions”  post  by  Microsoft  Subnet  blogger  Rand 
Morimoto. 

I  think  if  Microsoft  is  planning  to  position 
this  as  a  PBX  replacement,  they  really  need 
to  hammer  on  survivability  and  redundancy 
features.  Everyone  loves  to  make  fun  of 
Windows-based  servers  for  their  “legendary” 
(read:  infamous)  reliability.  I’ll  be  the  first  to 
admit,  however,  that  they  have  made  fantas¬ 
tic  strides  in  recent  releases  in  making  the 
Windows  server  system  quite  reliable  if 
maintained  correctly.  I  still  get  nervous,  how¬ 
ever,  about  turning  over  all  of  the  voice  fea¬ 
tures  of  my  enterprise,  its  life  safety  mecha¬ 
nisms,  analog  voice,  etc.,  etc.,  to  a  software- 
only  product  running  on  Windows. 

Ryan 

www.nwdocfinder.com/1268 

E-mail  letters  to  jdix@nww.com  or  send  them 
to  John  Dix,  editor  in  chief,  Network  World,  118 
Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for 
verification. 
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For  you,  it’s  about  protecting  critical  systems 
without  getting  a  PhD  in  engineering. 

For  us,  it’s  about  making  sure  you  don’t  need  one. 


Power  and  cooling  have  become  critical  to  effective  IT  management.  But  do 
you  really  need  to  know  how  to  convert  kilowatts  to  BTUs,  or  understand 
how  resonant  converter  technology  increases  UPS  efficiency? 

With  a  network  of  local  representatives  that  average  more  than  20  years 
of  experience,  Emerson  Network  Power  and  its  Liebert  power  and  cooling 
technologies  make  it  easy  to  create  a  flexible  IT  infrastructure  that  delivers 
high  availability  and  low  cost  of  ownership.  Download  our  white  paper, 
Five  Technologies  Simplifying  Infrastructure  Management,  and  discover  how 
Liebert  technologies  can  make  your  job  easier,  at  experts.liebert.com. 


Liebert  expertise 


Just  another  reason  why  Emerson  Network  Power  is  the  global  leader 
in  enabling  Business-Critical  Continuity. m 


Netw 


Emerson.  Business-Critic  al  Continuity  and  liebert  are  trademarks  of  Emerson  Electric  Co,  or  one  of  its  affiliated  companies.  ?'2O07  Emerson  Electric  Co. 


EMERSON.  CONSIDER  IT  SOLVED: 


NOT  ALL  CRYSTAL  BALLS 

ARE  ROUND. 


What  if  you  knew  when  your  system  was  going  to  crash  and  had  the 
know-how  to  help  prevent  it?  Well,  by  no  feat  of  magic,  that  technology 
is  here.  And  it’s  found  on  IBM  System  x3655  Express  with  Predictive 
Failure  Analysis*2  By  monitoring  the  system,  your  servers  can  remain 
highly  reliable  and  run  at  optimal  performance.  If  the  system  starts 
working  otherwise,  Predictive  Failure  Analysis  can  alert  your  systems 
administrator  -  giving  them  up  to  2  days  of  lead  time  to  take  decisive 
action  and  help  prevent  problems?  IBM  System  x3655  Express.  From 
the  people  and  Business  Partners  of  IBM.  Innovation  made  easy. 

MISSION-CRITICAL  AVAILABILITY  AND  PERFORMANCE 
IN  AN  AFFORDABLE  PACKAGE 

Up  to  two  AMD  Dual-Core  Opteron™  2218  (2.6GHz)  processors  featuring  PowerNow!™ 
power-saving  technology 

2GB  DDR  II  667MHz  memory  standard,  up  to  64GB  DDR  II  667MHz  memory  via  16 
DIMM  slots 

IBM  Director  and  Predictive  Failure  Analysis  monitor  and  help  identify  problems  on 
processors,  memory,  hard  disk  drives,  voltage  regulator  modules,  and  power  supplies 
Up  to  1.8TB  hot-swap  SAS  or  3.0TB  hot-swap  SATA 
Limited  warranty:  3  years  on-site3 


IBM  SYSTEM  x3105  EXPRESS 

AMD  Opteron™  or  AMD  Athlon™  processor  featuring  AMD  Direct  Connect  Architecture 

Up  to  8GB  DDR  II  667MHz  maximum  memory  using  4  DIMM  slots _ 

80GB  or  160GB  internal  storage  standard _ 

1.0TB  SATA  internal  storage  maximum _ 

Limited  warranty:  1  year  on-site3 


COMPLIMENTARY  SYSTEMS 
ADVISOR  TOOL 

Want  to  find  the  right  server  or  storage  system  for  you?  Our 
.  Systems  Advisor  tool  can  help  Just  give  the  tool  a  little  input, 
and  it  will  identify  products  that  can  help  meet  your  business 
needs.  Get  started  now  at  ibm.com/systems/crystaiball 


"All  prices  are  IBM's  estimated  retail  selling  prices  as  of  June  14. 2007.  Prices  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller  prices  to  end  users  may  -vary.  Products  are  subject  to  availability.  This  document  was 
developed  for  offerings  in  the  United  States.  IBM  may  nol  offer  Ihe  products,  features  or  services  discussed  in  this  document  in  other  countries.  Prices  are  subject  to  change  without  notice.  Starting  price  may  not  include  a  hard  drive,  operating 
system  or  other  features.  Contact  your  IBM  representative  or  IBM  Business  Partner  (or  Ihe  most  current  pricing  in  your  geography.  1.  IBM  Global  Financing  offerings  are  provided  through  IBM  Credit  ILC  in  the  United  States  3nd  other  IBM 
subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers.  Monthly  payments  provided  are  for  planning  purposes  only  and  may  vary  based  on  your  credit  and  ottier  factors.  Lease  offer  provided  is  based  on  a  f  MV 
lease  ot  36  monthly  payments  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice.  2.  Predictive  Failure  Analysis  monitors  select  components  such  as  processors,  memory,  hard  disk 
drives,  voltage  regulator  modules  and  power  supplies.  Covered  components  can  vary  by  model.  3.  IBM  hardware  products  are  manufactured  from  new  parts,  or  new  and  serviceable  used  parts.  Regardless,  our  warranty  terms  apply.  For  a  copy  of 
applicable  product  warranties,  visit:  ibrn.com/servers/support/machine_warranties  or  write  to:  Warranty  Information,  P.0.  Box  12195,  RIP,  NC  27709.  Attn:  Dept.  JDJA/B203.  IBM  makes  no  representation  or  warranty  regarding  third-party  products 
or  services,  including  those  designated  as  ServerProven  or  ClusterProven.  Telephone  support  may  be  subject  to  additional  charges.  For  on-site  labor,  I8M  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before  sending  a  technician. 
On-site  warranty  is  available  only  for  selected  components.  Optional  same-day  service  response  is  available  on  [selectl  systems  at  an  additional  charge  IBM,  the  IBM  logo,  IBM  Express  Advantage,  System  x,  and  Predictive.  Failure  Analysis  are 
registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  For  a  complete  list  of  IBM  trademarks,  see  ibm.com/legal 'copytrade  shtrnl  AMO.  Ihe  AMO  logo,  AMD  Opteron  and 
AMD  PowerNow!  are  trademarks  ot  Advanced  Micro  Devices,  Inc.  All  other  products  may  be  trademarks  or  registered  trademarks  ot  their  respective  companies.  ©2007  IBM  Corporation.  All  rights  reserved. 
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ibm.com/systems/crystalball 

1  866-872-3902  (mention  6N7AH32A) 
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INTERVIEWS,  THE  COOLEST  TOOLS  MO  MORE 


COOL  TOOLS: 


HEWS  VIDEO 

m 


Multimonitor 

madness 

Program  Editor  Keith 
Shaw  connects  several 
monitors  to  a  single  PC 
via  USB  through  new 
DisplayLink  technology, 
which  utilizes  “virtual 
graphics  card”  software. 

www.nwdocfinder.com/1 272 


No  Olympic  medal 
for  Vista,  wireless 

Lenovo  says  no  to 
Windows  Vista  and 
wireless  LANs  for  its 
systems  at  the  2008 
Summer  Olympics  in 
Beijing. 

www.nwdocfinder.com/1 273 


PANORAMA  PODCAST: 


NWPAN 

ORAMA 


Why  IT  reads 
everyone’s  e-mail 

About  one-third  of 
large  companies  hire 
staff  to  read  or  analyze 
outbound  e-mail, 
according  to  Proofpoint. 
Keith  Crosley  explains 
the  reasons  that  IT  has 
to  be  vigilant. 

www.nwdocfinder.com/1274  /' 


BEST  OF  NW’S 

NEWSLETTERS 


DePaul  opts  for  IP  telephony 

Some  good  Internet  phone  news 


i BLOGOSPHERE 


■  Citrix/Xen  team  undercuts  Microsoft. 

Microsoft  Subnet  blogger  John  Obeto  finds  a 
major  threat  to  Microsoft  with  the  Citrix’s 
purchase  of  Xen.  He  writes:  “All  of  a  sudden, 
Citrix  goes  from  being  an  almost  also-ran  in 
the  forthcoming  battle  to  one  of  the  big  three, 
possessing  one  of  the  big  four:  a  hypervisor, 
OS  virtualization,  application  virtualization 
and  VM  management.  In  the  important  Win¬ 
dows  Server  space,  Microsoft’s  stripping  out 
ofViridian  from  Server  2008  now  seems  pre¬ 
mature,  as  the  need  for  the  hypervisor  now 
takes  on  amazing  urgency.” 
www.nwdocfinder.com/1259 

■  Nothing  like  building  a  network.  Cisco 
Subnet  blogger  Michael  Morris  waxes  poetic 
about  the  joys  of  implementation.  He  writes: 
“Let’s  be  honest  —  what’s  the  fun  designing 
and  drawing  a  network  to  never  build  it? 
That’s  no  fun.  You  want  to  see  your  design 
(baby)  come  to  life.  I  had  that  opportunity 
again  last  weekend.  Despite  working  15  hours 
on  Saturday,  it  was  a  great  experience.  In 
those  15  hours  we  completely  updated  the 
network  at  one  of  our  largest  software  devel¬ 
opment  offices.” 
www.nwdocfinder.com/1260 

■  Purdue  gets  computer  chips  to  chill 
out.  Layer  8  has  uncovered  a  promising 
research  project  that  increases  the  cooling 
rate  of  computer  chips  by  as  much  as  250%. 
The  blog  says:  “Purdue  University  research¬ 
ers,  in  work  funded  by  Intel  are  developing 
tiny  “ionic  wind  engines”  that  when  used  in 
combination  with  a  conventional  computer 
fan,  can  enhance  the  fan’s  effectiveness  by 
boosting  airflow  over  the  surface  of  a  com¬ 
puter  chip.”  www.nwdocfinder.com/1261 

■  The  dangerous  e-card.  Don’t  bother  to 
send  Buzzblog’s  Paul  McNamara  an  e-card. 
He  writes:  “I  don’t  open  them  —  ever —  and, 
if  an  unscientific  survey  of  my  office  col¬ 
leagues  is  any  indication,  I  am  far  from  alone 
in  this  delete-on-sight  detachment  from 
these  ubiquitous  electronic  annoyances.  A 
few  co-workers  open  e-cards  selectively; 
most  don’t,  www.nwdocfinder.com/1262 


ONLINE:  Cisco  subnet 

Check  out  Network  World's  new  Cisco 
Subnet,  the  independent  voice  for 
Cisco  customers.  Our  editors  scour 
the  Web  for  the  most  important  Cisco- 
related  news,  blogs,  security  alerts 
and  more  —  all  presented  on  one  page. 

www.nwdocfinder.com/7073 


Convergence  &  VoIP:  About  two  years  ago, 
DePaul  University’s  IT  staff  began  plans  to 
replace  its  Nortel  81  and  Meridian  Mail  PBX 
communications  systems  that  serve  some 
4,500  users  at  the  university  Like  many  conver¬ 
sions,  the  shift  to  IP  telephony  (IPT)  was 
designed  to  take  several  years  and  was  going 
to  be  phased  in  by  user  group.  The  new  mes¬ 
saging  system  needed  to  provide  interworking 
between  the  new  IPT  system  and  the  legacy 
TDM  PBX,  and  it  needed  to  provide  full  inte¬ 
gration  with  Microsoft  Exchange  and  Active 
Directory  The  staff  decided  on  a  Cisco  solu¬ 
tion  (Call  Manager  and  Unity)  to  provide  tele¬ 
phony  features,  but  after  an  initial  pilot  the 
team  decided  to  use  an  Adorno  Unified 
Messaging  system  to  supply  unified  messag¬ 
ing.  Since  Cisco’s  Unity  platform  includes  uni¬ 
fied  messaging  capabilities,  we  asked  DePaul 
why  the  organization  decided  on  a  two-ven¬ 
dor  approach. 

www.nwdocfinder.com/1269 

Wireless  in  the  enterprise:  Security 
issues  —  whether  actual  or  perceived  — 
remain  the  bane  of  wireless  LAN  imple¬ 
mented’  existence.  So  say  the  respondents  to 
the  Kubernan/Webtorials  2007  Wireless  LAN 
State-of-the-Market  research,  sponsored  this 
year  by  Nortel.  Respondents’“insecurity" 


about  wireless  security  has  been  a  consistent 
primary  research  finding  each  of  the  four 
years  that  the  study  has  been  conducted. 
Nearly  52%  of  300  respondents,  who  are  sub¬ 
scribers  to  the  Webtorials  networking  educa¬ 
tion  Web  site  and  who  play  a  role  in  their 
companies’ WLAN  implementation,  cited 
security  as  one  of  the  two  biggest  challenges 
of  building  large-scale  Wi-Fi  deployments. The 
next  “biggest”  challenge  —  reliability  and  sta¬ 
bility  concerns  related  to  Wi-Fi’s  use  of  unli¬ 
censed  spectrum  —  didn’t  garner  even  half 
as  much  attention  (24%). 
www.nwdocfinder.com/1270 

Smali-business  technology:  Sad  head¬ 
lines  abound  in  the  VoIP  world:  SunRocket 
sinks, Vonage  stock  sinks,  joy  and  optimism 
sink. Wait,  not  every  company  in  this  market 
sings  the  blues.To  see  how  the  happier  half 
lives,  we  contacted  the  folks  at  Bandwidth, 
com.  CEO  Henry  Kaestner  said, “Our  premise 
is  simple:  We  provide  accountability  and 
transparency  I’m  proud  of  our  customer  reten¬ 
tion  rate,  because  we  only  lose  .8%  of  our  cus¬ 
tomers  per  month,  meaning  we  keep  99.2%.” 
That  “churn  rate”  of  .8%  is  so  low  cable  and 
cell  phone  company  executives  will  never  see 
anywhere  close  to  that  rate  for  their  own  busi¬ 
nesses.  www.nwdocfinder.com/1271 
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Skype  grapples  with  major  outage 


As  Network  World  went  to  press  on  Friday,  Skype  was  still  trying  to  restore  ser¬ 
vice  to  millions  of  its  customers  almost  24  hours  after  they  began  to  experi¬ 
ence  problems  logging  on  to  the  VoIP  service.  Skype  warned  customers  that 
the  problems  were  likely  to  continue  throughout  the  day  The  company  first 
acknowledged  the  service  outage  around  2  p.m. Thursday  and  later  identified  the 
cause  as  “a  deficiency  in  an  algorithm  within  Skype  networking  software.”  It  ruled 
out  any  link  with  the  planned  maintenance  of  its  Web-based  payment  service  on 
Wednesday  and  said  service  was  not  the  “victim  of  a  cyberattack.”The  service  had 
been  sporadic  but  gradually  improved  during  the  business  day  in  Asia  on  Friday. 
As  much  as  a  third  of  the  affected  Skype  users  could  be  in  small  businesses. 
www.nwdocfinder.com/1278 


VMware  IPO  a  huge  hit.  VMware,  whose 
new  VMW  stock  ticker  symbol  sounds 
remarkably  like  a  luxury  sports  car,  roared  off 
the  starting  line  in  its  first  day  as  a  public 
company  on  Aug.  14.  After  about  an  hour  of 
trading  on  the  New  York  Stock  Exchange, 
VMware  stock  rose  to  as  high  as  $55  a  share 
before  settling  down  to  just  more  than  $50  — 
72%  higher  than  its  starting  price  of  $29,  set 
by  VMware  the  day  before.  At  midday  on 
Friday  shares  were  back  at  $55. The  company 
a  maker  of  virtualization  software  aimed  at 
helping  data  centers  operate  more  efficiently 
put  33  million  shares  on  the  market.VMware 
is  talked  about  as  one  of  the  biggest  IPOs  of 
the  year.  It  was  founded  in  1998  and  was 
acquired  by  storage  hardware  vendor  EMC  in 
2004  for  $635  million.  EMC  decided  earlier 
this  year  to  sell  10%  of  VMware. 
www.nwdocfinder.com/1279 

Microsoft  patches  PatchGuard  . . . 
again.  Microsoft  has  updated  its  64-bit  ker 
nel  protection  for  Windows  Vista,  which  most 
users  know  as  PatchGuard,  but  which 
Microsoft  calls  Kernel  Patch  Protection. This  is 
Microsoft’s  third  PatchGuard  update,  in  what 
has  become  a  cat  and  mouse  game  between 
the  software  giant  and  security  researchers. 
Initially  it  was  thought  this  update  might  have 
something  to  do  with  the  recently  released 
“Purple  Pill”  or  Atsiv  software,  which  lets  you 
load  unsigned  drivers  into  the  Vista  kernel. 
Microsoft  didn’t  comment  on  this  directly  but 
its  public  relations  agency  said  that  the 
update  doesn’t  have  anything  to  do  with 
Purple  Pill. This  update  is  a  defense-in-depth 
change  that  builds  additional  checks  into 
KPP  for  increased  reliability,  performance  and 
security  Although  the  update  will  enhance 
security  within  the  kernel,  this  is  not  a  vulner¬ 
ability-related  issue. 
www.nwdocfinder.com/1280 

IBM,  PWC  settle  with  Department  of 
Justice.  IBM  and  PriceWaterhouseCoopers 
have  separately  agreed  to  pay  the  U.S.  govern¬ 
ment  a  total  of  $5.3  million  to  settle  allega¬ 
tions  that  the  companies  solicited  and  pro¬ 


vided  improper  payments  on  technology 
contracts  with  government  agencies,  the 
Department  of  Justice  announced  last  week. 
IBM  has  agreed  to  pay  just  less  than  $3  mil¬ 
lion  and  PWC  will  pay  $2.3  million  to  settle 
the  complaints,  the  Department  of  Justice 
said  in  a  news  release. The  allegations  of 
improper  contracting  practices  came  from  a 
group  of  whistleblower  lawsuits  targeting  sev¬ 
eral  technology  vendors  and  systems  integra¬ 
tors  filed  in  U.S.  District  Court  for  the  Eastern 
District  of  Arkansas  in  September  2004. The 
lawsuits,  filed  by  employees  at  Accenture  and 
PWC,  alleged  a  multimillion-dollar  kickback 
scheme  involving  work  on  numerous  U.S.  gov¬ 
ernment  contracts.  Other  companies  named 
in  the  lawsuits  include  Accenture,  HP  and 
Sun.  IBM  and  PWC  knowingly  requested  or 
made  kickback  payments  under  programs 
called  “alliance  benefits,”  shared  between  sys¬ 
tems  integrators  and  tech  vendors,  said  the 
Department  of  Justice,  which  joined  the  law¬ 
suits  in  April. 

www.nwdocfinder.com/1281 

IBM  system  to  monitor  Hudson  River. 

IBM  systems  will  provide  constant  monitoring 
of  New  York’s  Hudson  River  with  a  network  of 
sensors,  robotics  and  computational  technol¬ 
ogy  spanning  the  315-mile  waterway,  in  a  pro¬ 
ject  that  could  be  replicated  in  other  rivers. 
The  idea  is  to  predict  environmental  prob¬ 
lems  the  same  way  meteorologists  forecast 
the  weather,  according  to  IBM  and  its  partner 
in  the  project,  the  Beacon  Institute.“With  that 


technological  capability  we  can  better  under¬ 
stand  the  effects  of  global  warming,  the 
movements  of  migrating  fish  or  the  transport 
of  pollutants,”  said  Beacon  Institute  CEO  John 
Cronin  in  an  announcement  issued  last 
week.“The  implications  for  decision-making 
and  education  are  staggering.”  IBM  and  the 
Beacon  Institute  say  the  completed  project 
will  be  the  first  technology-based  monitoring 
and  forecasting  network  for  a  major 
American  river  and  estuary  Both  organiza¬ 
tions  anticipate  the  network  will  be  replicat¬ 
ed  in  other  rivers. 
www.nwdocfinder.com/1282 


Spending  slows, 
cost  cutting  grows 

Survey  of  IT  execs  shows  areas  ripe  for 
cost  reduction. 


Communications 
and  networking 
equipment  18% 


Internal  staffing 

Software 
maintenance  9% 


Software 
licensing  11% 


Survey:  IT  buyers  cautious  in  Q3. 

Technology  spending  is  stalling  as  the  year 
wears  on  and  as  plans  to  reduce  costs  come 
to  the  fore,  according  to  Goldman  Sachs’  most 
recent  poll  of  IT  decision  makers.  Goldman 
Sachs  this  week  is  releasing  the  findings  of  its 
June  survey  of  100  IT  decision  makers  at 
Fortune  1000  companies,  and  the  research 
firm  says  the  results  show  IT  buyers  are  getting 
cautious  once  again. Among  the  indicators 
pointing  to  a  spending  slowdown  are  drops  in 
plans  for  total  IT  spending  and  IT  capital 
spending  since  a  more  positive  April,  the  finan¬ 
cial  services  firm  says.  For  instance,  the  total  IT 
spending  index  was  at  71  in  April,  and  65  in 
June.The  technology  capital  spending  index 
also  dropped  in  that  time  period  from  68.5  to 
62.5,  which  means  survey  respondents  are 
tightening  their  purses  again.The  indexes 
Goldman  Sachs  uses  summarize  the  firm’s 
detailed  survey  data  on  forward  spending 
expectations.  More  significant,  Goldman  Sachs 
says,  is  that  this  year’s  June  poll  revealed 
spending  plans  are  lower  than  they  were  at 
the  same  time  last  year  —  which  could  impact 
IT  budgets  and  planned  projects  for  2008. 
www.nwdocflnder.com/1283 
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Manage  Any  Data  Center 
Anytime.  Anywhere. 


The  Power  of  Being 

■ 
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Avocent  builds  hardware  and  software  to  access,  manage  and  control  any  IT  asset 
in  your  data  center,  online  or  offline,  keeping  it,  and  your  business,  “always  on”. 

Visit  us  on  ou:  Remote  Control  Tour.  For  locations  near  you,  go  to 

www.avocent.com/remotecontrol. 
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Energy  tips  go  unheeded, 


BY  JON  BRODKIN 

Data  centers  are  literally  running  out  of 
power  and  storage.  The  dramatic  increase  in 
computational  performance  of  processors 
and  servers  is  not  being  matched  by  a  corre¬ 
sponding  rise  in  energy  efficiency,  said  Bruce 
Taylor,  chief  strategist  of  the  Uptime  Institute 
consulting  group,  last  week. 

“There  is  an  awful  lot  we  don’t  know  yet. 
We’re  still  at  the  beginning  of  looking  at  this 
problem,”  Taylor  said  during  a  panel  discus¬ 
sion  in  Boston  involving  HRAMD  and  EMC. 

Technology  vendors  on  the  panel  said  they 
are  finding  it  a  challenge  to  build  systems  effi¬ 
cient  enough  to  meet  storage  needs,  which 
are  increasing  more  than  50%  per  year.  But 
they  said  data  center  designers  and  operators 
often  fail  to  take  advantage  of  existing  tech¬ 
nology  and  design  principles  that  could 
greatly  reduce  power  consumption. 

The  average  data  center  probably  uses 
three  times  more  air  conditioning  and  cool¬ 
ing  than  needed,  Taylor  said.  Not  only  do 
operators  keep  temperatures  too  low,  design¬ 
ers  worried  about  aesthetics  often  fail  to  use 
efficient  layouts,  such  as  the  hot  aisle/cold 
aisle  method,  he  said. 

“Most  data  center  designers  do  not  look  at 
the  facility  using  the  right  metrics,”  said  Ken 
Baker,  an  infrastructure  technologist  at  HP 
“It’s  a  thermodynamic  workflow  problem.  If 
you  address  it  that  way  and  do  the  math,  it 
will  drive  you  to  these  improvements  right 
away” 

Automation  control  systems  for  cooling, 
combined  with  other  best  practices,  can  eas¬ 
ily  make  data  centers  50%  more  efficient, 

Data  center  energy 
crunch 

•  61  billion  kilowatt  hours  (kWh)  of 
electricity  were  consumed  by  servers 
and  data  centers  in  the  United  States 
in  2006,  at  a  cost  of  $4.5  billion. 

•  That’s  more  than  double  the  amount  in 
2000,  and  exceeds  the  electricity  used 
by  every  color  television  in  the  nation. 

•  Volume  servers  are  responsible  for 
68%  of  energy  used  by  IT  equipment  in 
data  centers. 

•  Half  of  the  overall  electricity  use  in 
data  centers  is  from  power  and  cooling. 

•  The  federal  government  accounts  for 
10%  of  data  center  energy  use. 

SOURCE:  U  S.  Environmental  Protection 

Agency,  Report  to  Congress  on  Server  and 

Data  Center  Energy  Efficiency,  August  2007. 


Baker  said. 

“The  best  practices,  in  many  cases,  already 
exist,” said  Dick  Sullivan,  director  of  enterprise 
solutions  marketing  at  EMC.“I  don’t  have  a  lot 
of  sympathy  for  those  people  who  just  dis¬ 
covered  they  ran  out  of  power  when  the  new 
DMX  storage  arrives  on  the  dock.  They  obvi¬ 
ously  haven’t  been  paying  attention  up  to  that 
point.” 

Only  10%  of  users  are  turning  on  power 
management  systems  that  power  computers 
down  when  idle,  said  Brent  Kerby,  an  AMD 
product  marketing  manager. 

IT  departments  can  save  energy  and  money 
by  consolidating  systems  that  have  small  dri¬ 
ves  into  systems  with  larger  drives,  and  by 
using  server  virtualization,  panelists  said. 

AMD  is  building  virtualization  capabilities 
into  processors  to  reduce  the  software  over¬ 
head  and  make  virtualization  more  accept¬ 
able  to  network  executives,  Kerby  said.  Intel, 
which  was  not  represented  on  the  panel,  is 
doing  the  same  with  its  processors. 

Baker  cautioned  observers  to  have 
patience  with  IT  shops,  which  might  undergo 
a  lengthy  and  costly  systems  overhaul  only  to 
see  a  vendor  come  out  with  an  even  better 
technology  the  next  day. 

“It  takes  forever  for  [new  processors]  to  be 
adopted,”  said  Samuel  Naffzinger,  an  AMD 
processor  designer.  “There’s  expensive  infra¬ 
structure  overhauls  that  go  along  with  it.” 

Ignoring  the  need  for  efficiency  will  cause 
the  industry  no  small  amount  of  financial 
pain  and  create  a  storage  problem  that  will 
not  be  easily  fixed,  Baker  said. 

The  U.S.  Environmental  Protection  Agency 
is  poised  to  take  action.  The  agency  this 
month  issued  a  report  to  Congress  recom¬ 
mending  federal  leadership,  standardized 
performance  measurement  for  data  centers 
and  possible  Energy  Star  efficiency  rules  for 
data  center  products. 

Some  companies  are  coming  up  with  inno¬ 
vative  ways  to  force  departments  to  be  more 
efficient.  Some  financial  firms,  for  example, 
require  departments  to  use  virtualization, and 
apply  fiscal  penalties  to  those  that  don’t,  said 
John  Tuccillo,  marketing  director  of  American 
Power  Conversion. 

The  data  center  energy  problem  must  be 
looked  at  holistically,  panelists  agreed.  Com¬ 
petitors  are  coming  together  to  find  solutions 
in  collaborative  organizations  like  the  Green 
Grid  (www.nwdocfinder.com/1254),  said 
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experts  say 

Baker,  who  is  a  member  of  the  group,  a  con¬ 
sortium  of  IT  companies  and  professionals 
seeking  to  lower  the  overall  consumption  of 
power  in  data  centers. 

Education  might  be  the  most  important 
solution. 

“Education  and  awareness  is  probably  the 
most  important  thing  we  should  all  be  doing 
today”  Sullivan  said. “A  lot  of  the  technologies 
that  exist  can  help  you  save  energy  You  need 
to  know  what  they  are, you  need  to  know  how 
to  deploy  them.”B 


InBrief 


TJX  increases  data-loss  tab 
from  $20Mto$118M 

In  a  filing  with  the  Securities  &  Exchange 
Commission  last  week, TJX  Companies 
stated  its  estimated  cost  for  the  comput¬ 
er  intrusions  it  disclosed  earlier  this  year 
has  now  reached  a  total  of  $118  million.  In 
an  earlier  SEC  filing  TJX  Companies,  the 
clothing  retailer  with  store  chains  that 
includeT.J.  Maxx,  had  tallied  the  cost  of 
the  network  break-ins  it  disclosed  back  in 
January  to  be  about  $20  million,  though  it 
noted  that  figure  could  go  higher.TJX 
Companies  told  the  SEC  the  company  has 
more  clearly  determined  "its  potential  lia¬ 
bility  from  the  computer  intrusion(s)  and 
recorded  an  after-tax  charge  of  $118  mil¬ 
lion."  Some  47.5  million  credit-  and  debit- 
card  numbers  were  stolen  in  2005  and 
another  130,000  this  year  by  hackers,  who 
have  yet  to  be  caught. 

Pair  of  storage  start-ups  file 
to  go  public 

Storage  start-ups  3PAR  and  EqualLogic 
filed  IPOs  last  week  in  a  market  that  is 
heating  up.This  year  alone,  3PAR  competi¬ 
tor  Compellent,  Data  Domain  and  Voltaire 
filed  for  IPOs. They  joined  Riverbed,  Isilon 
and  Mellanox,  who  filed  for  IPOs  last  year 
and  VMware,  which  went  public  last  week. 
3PAR,  the  manufacturer  of  a  storage  array 
that  supports  utility  computing,  is  hoping  to 
raise  $100  million  in  common  stock.  3PAR’s 
InServ  Storage  Servers  enable  consolida¬ 
tion  of  storage  resources  on  the  network. 
Its  software,  based  on  the  proprietary 
InForm  operating  system,  supports  capaci¬ 
ty  management,  thin  provisioning  and 
remote  copy  ability.  EqualLogic  makes 
iSCSI  storage  arrays. 
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Servers, 
Applications, 
Floor  space, 
Man-hours, 
Power, 
Storage... 

Introducing  the  revolutionary  enterprise  architecture 
that  finally  pays  you  back. 

Legacy  systems  work  fine  for  brute-force  cooling  the  entire  room,  but  skyrocketing 
energy  costs  make  them  fiscally  irresponsible  and  their  fundamentally  oversized 
design  makes  them  incapable  of  meeting  today's  high-density  challenges. 

Even  worse,  power  and  cooling  waste  may  actually  prevent  you  from  purchasing 
much-needed  new  IT  equipment.  Simple  problem,  simple  solution.  Cut  your  power 
and  cooling  costs  and  use  the  savings  to  buy  the  IT  equipment  you  need. 

According  to  Gartner  Research,  50%  of  all  data  centers  built  before  2002  will 
be  obsolete  by  2008  because  of  insufficient  power  and  cooling  capabilities. 

Power  and/or  cooling  issues  are  now  the  single  largest  problem  facing  data 
center  managers. 

There's  only  so  much  power  and  money  to  go  around 

Your  service  panel  limits  the  amount  of  power  available.  Your  budget  limits  the 
.  ,  amount  of  money.  You  have  to  stretch  every  bit  of  both  as  far  as  you  can. 

Schneider  What  you  need  is  the  APC-MGE  Efficient  Enterprise™. 

Electric 

The  APC-MGE  solution  offers  modular  scalability  so  that  you  pay  only  for  what  you 
use;  capacity  management  so  that  you  know  where  to  put  your  next  server;  and 
dedicated  in-row  and  heat-containment  systems  that  improve  cooling  and  thermal 
predictability.  An  Efficient  Enterprise  earns  you  money  through  the  pre-planned 
elimination  of  waste.  For  example,  simply  by  switching  from  room-  to  row-oriented 
cooling,  you  will  save,  on  average,  35%  of  your  electrical  costs. 

Our  system  reimburses  you 

Whether  you're  building  a  new  data  center  or  analyzing  the  efficiency  of  existing 
systems,  your  first  step  is  knowing  where  you  stand.  Take  the  online  Enterprise 
Efficiency  Audit  to  see  how  you  can  reap  the  benefits  of  a  smart,  integrated, 
efficient  system:  more  power,  more  control,  more  profits. 

How  efficient  is  your  enterprise  system?  See  exactly  where  you  stand 
— take  our  online  Enterprise  Efficiency  Audit  today! 

Visit  www.apc.com/promo  Key  Code  x41 9x  •  Call  888.289.APCC  x9166  •  Fax  401.788.2797 


The  Efficient  Enterprise “  makes  cooling  predictable  and  reduces 
operational  expenses  by... 

ff)  Employing  close-coupled  cooling.  Our  innovative 
^  InRoW “  architecture  allows  a  more  efficient,  targeted 
cooling  by  shortening  the  distance  between  heat  generation 
and  heat  removal. 

~  Containing  the  heat.  Our  Hot  Aisle  Containment  System 
' i)  reduces  hot  spots  by  preventing  hot  exhaust  air  from  mixing 
with  cool  air  in  the  room. 

Managing  capacity.  Intelligent,  integrated  capacity 
(3)  management  software  gives  you  real-time  data  on  your 
^  power  and  cooling  demands. 

Utilizing  right-sized  components.  Right-sized  "pay  as 
ft)  you  grow"  components  mean  no  more  wasting  power  with 
^  oversized  legacy  systems. 


Legendary  Reliability4 
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Cisco:  Video,  P2P  drive  IP  traffic 

Total  IP  traffic  will  nearly  quintuple  in  the  five-year  period  from  2006  to  2011 


The  exabyte  era 

Cisco  expects  Internet  traffic  to  grow  29  exabytes  per  month  by  2011,  driven 
mostly  by  consumers. 
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BY  JIM  DUFFY 

Video  will  drive  a  21%  compound  annual 
growth  rate  in  business  IP  traffic  across  WANs 
from  2006  to  2011,  according  to  a  forecast  on 
global  IP  traffic  released  last  week  by  Cisco. 

That  and  consumer  traffic,  which  will  sur¬ 
pass  business  IP  traffic  in  2008,  will  cause  over¬ 
all  IP  traffic  to  almost  double  every  two  years 
through  2011,  the  Cisco  report  finds.  Total  IP 
traffic  will  nearly  quintuple  in  the  five-year 
period  from  2006  to  201 1,  driven  by  high-defi¬ 
nition  video  and  high-speed  broadband  pene¬ 
tration,  the  firm  says. 

Cisco’s  report  is  based  on  its  own  estimates 
plus  projections  from  10  market  analysis  firms 
on  the  number  of  Internet  users,  broadband 
connections,  video  subscribers,  mobile  con¬ 
nections  and  Internet  application  adoption. 

On  the  business  side,  Cisco  found  that  busi¬ 
ness  IP  traffic  —  all  fixed  IP  WAN  or  Internet 
traffic  generated  by  organizations  —  will  grow 
fastest  in  developing  markets  and  Asia-Pacific. 
North  America, Western  Europe  and  Japan  will 
have  slower  growth  rates. 

In  volume,  North  America  will  continue  to 
have  the  most  business  IP  traffic  through 
2011,  followed  by  Western  Europe  and  then 
Asia-Pacific. 

Meanwhile,  business  Internet  traffic  —  all  IP 
traffic  that  crosses  an  Internet  backbone  — 
will  grow  at  a  compound  annual  growth  rate 
of  23%  from  2006  to  201 1,  driven  by  increased 
broadband  penetration  in  the  small  business 
segment. 

Overshadowing  that  will  be  consumer  IP 
traffic,  which  will  grow  at  a  compound  annual 
growth  rate  of  58%  from  2006  to  2011. 
Consumer  IP  traffic  will  surpass  17  exabytes 
per  month  by  2011,  the  Cisco  study  found. 
Business  IP  traffic  at  that  time  will  be  10 
exabytes. 

Forty  percent  of  consumer  IP  traffic  will  be 
Internet  traffic,  while  60%  will  be  traffic  gener¬ 
ated  by  the  delivery  of  traditional  commercial 
video  services  over  IP  within  a  single  opera¬ 
tor’s  network,  according  to  Cisco. This  is  a  “dra¬ 
matic”  shift  from  the  composition  of  2005  con¬ 
sumer  IP  traffic,  more  than  80%  of  which  is 
Internet  traffic,  the  Cisco  report  states. 

Internet  traffic  is  still  dominated  by  peer-to- 
peer  applications  and  this  trend  is  not  slow¬ 
ing,  the  Cisco  report  finds.  Peer-to-peer  traffic 
will  more  than  quadruple  from  649  petabytes 
per  month  in  2006  to  2,836  petabytes  per 
month  in  2011. 

Peer-to-peer  made  up  50%  of  all  consumer 
Internet  traffic  in  2006,  but  despite  quadru¬ 
pling  in  size,  will  only  make  up  39%  of  con¬ 
sumer  Internet  traffic  in  2011,  the  Cisco 
study  finds. 

Internet  video  streaming  and  downloads  are 


beginning  to  take  a  larger  share  of  bandwidth, 
and  will  grow  from  9%  of  all  consumer 
Internet  traffic  in  2006  to  30%  in  201 1. 

Internet  traffic  is  growing  fastest  in  develop¬ 
ing  markets,  followed  closely  by  Asia-Pacific. 

Internet  video-to-TV  will  increase  by  more 
than  a  factor  of  10  from  2007  to  201 1. 

Internet  video-to-PC  will  increase  by  a  factor 


BY  MICHAEL  COONEY 

IBM  last  week  rolled  out  a  new  version  of  its 
z/OS  mainframe  operating  system  that  fea¬ 
tures  a  huge  swig  of  security  enhancements. 

These  enhancements  include: 

•  Improved  network  security  policy  man¬ 
agement  —  making  it  easier  to  set  network 
security  policy  across  multiple  instances  of 
z/OS  mainframe  operating  systems. 
Administrators  need  to  define  one  centralized 
policy  to  enforce  network  encryption  rules 
and  intrusion  detection  for  all  z/OS  systems 
within  a  company,  IBM  said.  Today  individual 
systems  must  be  enabled  separately  (For  more 
on  mainframe  news,  see  page  18.) 

•  Enhanced  Public  Key  Infrastructure 
(PKI)  services  to  help  improve  the  creation, 
authentication,  renewal  and  management  of 
digital  certificates  for  user  and  device 
authentication.  By  managing  digital  certifi¬ 
cates  directly  through  their  z/OS  mainframe, 
customers  can  potentially  see  substantial 
savings  compared  with  the  cost  of  third- 


of  four.  Internet  video-to-TV  will  exceed 
Internet  video-to-PC  by  2009,  the  Cisco  study 
forecasts. 

In  wireless,  combined  traffic  from  3.5G  and 
WiMAX  networks  will  make  up  more  than  half 
of  all  mobile  data  traffic  by  201 1,  driven  large¬ 
ly  by  portable  computers  with  high-speed 
downlink  packet  access  and  WiMAX  cards.  ■ 


party  hosting,  IBM  said  in  a  release. 

•  Adoption  of  the  security  standard,  PKCS 
#11,  which  specifies  an  API  for  devices  that 
hold  cryptographic  information  and  perform 
cryptographic  functions. 

Z/OS  Version  1  Release  9  will  include  the 
ability  for  a  logical  partition  within  the  main¬ 
frame  to  span  54  processors.  With  prior  releas¬ 
es,  z/OS  let  a  partition  span  32  processors.  As 
the  mainframe  has  grown,  so  has  its  hardware 
capacity,  now  as  many  as  54  total  processors 
on  the  z9  Enterprise  Class  server. 

Improvements  to  z/OS  Unix  System  Services 
to  help  users  port  Unix  applications  onto  the 
mainframe.  Unix  System  Services  lets  users 
run  Unix  on  the  mainframe;  with  z/OS  1.9,  IBM 
has  enhanced  some  z/OS  Unix  commands  to 
help  the  porting  of  Unix  applications  to  the 
mainframe. The  new  operating  system  will  be 
available  on  Sept.  28.  It  will  run  on  the  zSeries 
800,  890,  900,  990  and  z9  servers,  and  will  be 
released  around  the  same  time  that  z/OS  1.6 
support  from  IBM  ends.B 


IBM  mainframe  operating  system 
to  get  huge  security  boost 
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BREAK  THE  CYCLE.  The  HP  BladeSystem  c-Class,  featuring  efficient 
Dual-Core  AMD  Opteron™  processors,  helps 
free  I.T.  from  the  cycle  of  server  management. 
It's  equipped  with  HP's  exclusive  Thermal 
Logic  Technology,  which  can  save  companies 
over  40%'  on  power  costs  by  managing  the 
balance  of  power  and  cooling  without  sacrificing  performance. 
And  HP  Thermal  Assessment  Services  can  customize  a  plan 
to  help  you  determine  optimal  cooling  and  thermal  levels  and 
reduce  energy  costs— so  your  budget  is  spent  on  things  that 
really  drive  your  business. 


1 .  Based  on  internal  HP  testing  of  power  and  cooling  costs;  compared  to  similarly  configured  HP  1 U,  2P  server.  AMD,  the  AMD  Arrow  logo,  AMD  Opteron,  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc.  The  information 
contained  herein  is  subject  to  change  without  notice.  ©  2007  Hewlett-Packard  Development  Company,  L.P. 


The  mainframe  returns 


Having  come  of  age  in  the  IT  industry  at 
the  start  of  the  1980s  —  the  likely  zenith 
of  the  mainframe  —  I  am  always  drawn 
to  mainframe-oriented  news.  For  the  last  15 
years,  though,  such  stories  have  been  ones  in 
which  the  writer  is  somewhat  amazed  that  the 
mainframe  is  “not  dead  yet.”  After  some  two 
decades  of  having  its  market  share  eroded  by 
migration  to  server-based  applications,  big  iron 
is  back.  And,  irony  of  ironies,  the  catalyst  for  the 
comeback  is  companies’  need  to  deal  with 
server  farms  that  have  grown  out  of  control. 
Where  even  very  large  companies  might  have 
had  only  a  dozen  or  so  (albeit  large  and  expen¬ 
sive)  mainframes,  it  is  not  unusual  today  for  quite  small  companies  to 
have  that  many  servers.  For  larger  companies,  the  server  farms  can 
number  in  the  hundreds  or  even  thousands. That  was  certainly  the 
case  with  IBM  itself.  In  early  August,  IBM  announced  it  was  doing  away 
with  some  3,900  physical  servers  and  replac¬ 
ing  them  with  some  30  mainframes  (www 
.nwdocfinder.com/1241).  According  to  IBM, 
the  energy  they  consume  will  be  80%  less, 
while  system  and  software  support  and  licens¬ 
ing  will  be  reduced  dramatically 
Another  irony:  It  is  far  easier  to  move 
from  servers  to  mainframe  than  it  was  to 
migrate  from  mainframe  to  servers  in  the 
first  place.  Back  then,  mainframe  programs 
generally  had  to  be  rewritten  from  scratch 
to  run  on  servers.  Moving  back,  though  is 
simple  because  the  consolidation  is  virtual. 

With  virtualization  all  the  rage  today,  it  is 
interesting  that  IBM  invented  operating-sys¬ 


tem  virtualization  with  its  mainframes  some  40  years  ago. 

Today’s  System  z  mainframe  is  not  the  one  that  users  left  in  droves 
over  the  last  two  decades  (www.nwdocfinder.com/1241). Then  IBM 
owned  the  data  center  —  filled  with  usually  proprietary  IBM  hardware 
and  software  —  and  users  had  little  choice  but  to  accept  what  IBM 
offered.  Change  was  slow,  and  almost  anything  carrying  the  IBM  logo 
cost  a  lot  more  than  it  should  have.  (At  one  point  in  the  1980s  IBM 
decided  it  would  have  a  three-tier  computing  structure:  mainframe, 
minicomputer  [System  3x]  and  PC.The  company  proceeded  to  upsize 
its  PC-based  DisplayWrite  word-processing  system  to  run  on  System  3x 
and  the  mainframe.  Word  processing  as  a  mainframe  program,  indeed!) 

The  new  mainframe,  however,  can  run  Linux  in  addition  to  IBM’s  z/OS 
and  as  noted,  the  key  point  is  virtualization.  Referred  to  as  LPAR  —  or 
logical  partitioning  —  IBM  has  had  this  hardware-assisted  virtualization 
for  several  decades  now.  Each  mainframe  can  run  hundreds  of  logical 
servers  at  once. 

All  of  this  is  good  news  for  users  running  out  of  space  and  energy 
(electrical  and  human).  It  is  bad  news  for  server  vendors,  and  for  ven¬ 
dors  that  price  their  software  by  physical  CPU 
—  though  a  license  change  can  put  them 
back  in  the  money 

Because  the  mainframe  is  running  Linux 
and  communicates  via  Ethernet  and  TCP/IP 
the  staggering  learning  curve  that  was  part  of 
the  IBM  experience  years  ago  is  gone. What 
IBM  fails  to  note  is  what  a  good  crossover 
point  is  —  50  servers,  500  servers?  There  are 
no  doubt  some  gotchas  and  limitations,  but 
with  potential  benefits  as  vast  as  this,  big  iron 
is  back  in  the  ballgame. 

Tolly  is  president  and  CEO  of  the  Tolly  Group. 
He  can  be  reached  at  ktolly@tolly.com. 
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ONLINE:  Data  center  event 

Clustered  servers.  Grid  computing. 
Virtualized  storage.  Perimeter- less, 
holistic  security.  Service-oriented 
management  platforms.  It's  the  land¬ 
scape  of  the  New  Data  Center. 
Explore  it  all.  Join  us  at  IT  Roadmap: 
Dallas  on  Sept.  6. 
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The  cost  of  compliance 

Regulatory  compliance  is  a  form  of  asym¬ 
metric  warfare.  It  always  will  be  faster  and 
cheaper  for  Congress  to  create  new  regu¬ 
lations  than  it  is  for  businesses  to  comply  with 
them.  After  all,  the  infamous  Section  404  of  the 
Sarbanes-Oxley  Act  is  only  a  few  sentences  but 
carries  an  enormous  punch. 

Regulations  also  often  have  unintended  con¬ 
sequences.  Some,  like  SOX-404,are  interpreted 
conservatively  by  auditors  and  lead  to  high 
compliance  costs.  Others,  like  California’s 
Database  Breach  Notification  Act  (SB1386), 
shine  a  spotlight  on  identity  theft  and  force  companies  to  notify  those 
affected  by  a  data  breach. While  identity  theft  almost  certainly  has  risen 
in  the  last  decade,  the  main  reason  for  the  publicity  surrounding  it  is  the 
adoption  of  SB1386  and  the  resulting  flood  of  disclosures.The  damage 
to  a  company’s  reputation  that  comes  with  the  forced  publicity  of  a 
data  breach  has  created  the  most  powerful  incentives  for  stronger  infor¬ 
mation  security“Stay  off  the  front  page  of  [insert  daily  newspaper 
name]” is  a  common  mantra  for  IT  executives  benchmarking  security  in 
the  enterprise. 

Asked  how  much  they  spend  on  compliance,  most  IT  executives  say 
they  don’t  know  because  there  isn’t  a  separate  budget  under  which 
such  things  are  tracked.  Most  are  sure  it  isn’t  small  change:‘A  nice  little 
bundle,”  the  security  architect  at  a  transportation  company  puts  it;“an 
absurd  amount,”  a  bank’s  security  manager  says. 

IT  executives,  however,  certainly  know  which 
parts  of  the  regulatory  landscape  are  costing 
them  the  most.  When  asked  for  the  five  costliest 
regulations  they  deal  with,  hardly  anyone  had  to 
think  long  before  answering.  Somewhat  surpris¬ 
ingly  despite  the  volume  and  intensity  of  grip¬ 
ing  about  it,  SOX  is  not  the  most  onerous  regula¬ 


tion. That  honor  goes  to  various  vertical-specific  federal  regulations, 
such  as  the  Health  Information  Portability  and  Accountability  Act  or 
the  Gramm-Leach-Bliley  Act.  In  a  recent  security  benchmark,  the  specif¬ 
ic  regulations  are  singled  out  as  most  expensive  nearly  37%  of  the  time, 

as  opposed  to  SOX,  sin¬ 
gled  out  as  most  expen¬ 
sive  just  over  26%  of  the 
time. 

Of  course,  when  an 
organization  improves 
its  security  processes, 
auditing  and  reporting, 
those  improvements  can  be  mapped  to  many  different  regulations.The 
use  of  security  best-practices  frameworks  —  for  example,  the  Control 
Objectives  for  Information  and  related  Technology  and  ISO  17799  —  is 
growing  rapidly  Most  large  companies  at  least  are  looking  at  frame¬ 
works,  even  if  they  aren’t  adopting  them  formally 
Beyond  whatever  other  benefits  frameworks  bring  to  the  enterprise, 
their  use  is  growing,  in  large  measure  because  they  map  specific  secu¬ 
rity  best  practices  to  specific  regulatory  requirements.  Moreover,  best 
practices  often  apply  to  several  regulatory  regimes  simultaneously  so 
implementing  best  practices  in  this  way  prepares  IT  to  meet  a  dynamic 
and  broad  set  of  rules  and  regulations. 

It’s  best  for  companies  facing  the  asymmetric  warfare  of  a  lawmaker’s 
pen  to  avoid  direct  engagement.The  way  to  reduce  compliance  costs  is 
to  apply  a  broader  framework,  then  map  it  to 
each  regulation  that  comes  along.The  only  cer¬ 
tainty  is  that  there  will  be  more  regulation. 

Antonopoulos  is  senior  vice  president  and 
founding  partner  at  Nemertes  Research,  a  tech¬ 
nology  research  firm.  He  can  be  reached  at 
andreas@nemertes.  com. 
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More  ways  to  consume 


One  network  with  the  power  to  connect  them  all.  Keeping  pace  with  the  digital 

demands  of  your  customers  requires  more  than  a  simple  solution.  It  demands  access  to  a  global  content  delivery  portfolio 
from  a  leading  IP  network.  An  open  highway  for  transmitting  everything  from  major  sporting  events  to  live  news  and 
user-generated  content.  Trusted  to  deliver  content  where  it  needs  to  go,  no  matter  what  form  it  takes.  Learn  more  by 
downloading  the  Heavy  Reading  whitepaper  "Internet  Video  Driving  Next  Generation  CDNs,"  at  www.level3connects.com. 
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SCO  Group:  Mini-Me  trying  to  be  Darth  Vader 


Sometime  before 
March  2003  The 
SCO  Group  de¬ 
cided  that  making 
products  that  people 
might  want  to  buy 
was  passe  and  decid¬ 
ed  to  get  into  the 
“business”  of  filing 
lawsuits  instead.  Its 
first  target  was  IBM 
but  it  soon  expanded 
its  scope  to  take  on 
the  entire  open  source  community  and 
scores  of  businesses  actually  trying  to  do 
things  that  benefit  society.  It’s  been  a  long 
road  since  but  the  end  is  in  sight  —  the  end 
of  The  SCO  Group  that  is. 

I’ve  written  about  The  SCO  Group  a  num¬ 
ber  of  times  (“Slime  for  sale,”  www.nwdoc 
finder.com/1232;  “A  quiz  about  2006,”  www 
.nwdocfinder.com/1233;  “Microsoft:  Delay¬ 
ing  product, spewing  FUD,”www.nwdocfind- 
er.com/ 1234;  and  “SCO’s  last  gasp?,”  www 
.nwdocfinder.com/1235).  1  expect  this  will 
be  my  next-to-last  column  on  the  subject 
—  the  column  that  I  expect  to  be  the  last 
one,  not  lamenting  its  passing,  may  come 
soon. 

On  March  6,  2003,  The  SCO  Group  sued 
IBM  claiming  that  IBM  had  done  all  sorts 
of  bad  things  with  SCO  Group  intellectual 
property  rights  (IPR)  and  asking  for  a  bil¬ 
lion  dollars  or  so  to  right  the  alleged 
wrongs.  The  lawsuit  all  depended  on  the 
statement  in  paragraph  18  of  the  com¬ 


plaint:  “SCO  is  the  present  owner  of  all 
software  code  and  licensing  rights  to 
System  V  Technology”  (www.nwdocfinder 
.com/ 1236). 

On  Aug.  10,  Judge  Dale  A.  Kimball  ruled 
that  SCO  was  in  error  when  it  wrote  that 
paragraph.  The  judge  ruled  that  SCO  does 
not  own  the  copyrights  to  Unix.  He  also 
ruled  that  Novell  could  force  SCO  to  drop 
all  actions  against  IBM  that  depended  on 
such  ownership  and,  to  complete  the  pic¬ 
ture,  that  SCO  owes  Novell  a  pile  of  money 
of  yet  to  be  determined  size.  These  rulings 
more  than  take  the  wind  out  of  SCO’s  sails; 
they  are  likely  SCO’s  death  notice  —  and 
this  could  not  happen  to  nicer  people. 

After  suing  IBM  SCO  went  after  the  Linux 
community,  saying  that  it  wanted  $700 
license  fee  per  machine  to  pay  for  what  it 
claimed  were  millions  of  lines  of  SCO- 
owned  code  on  Linux.  It  even  sued  a  few 
companies  that  were  using  Linux.  SCO 
made  it  very  clear  that  it  would  be  quite 
happy  if  Linux,  as  an  open  source  software 
effort,  was  killed  by  SCO’s  actions. The  move 
that  resulted  in  the  current  ruling  was  SCO 
deciding  to  sue  Novell  when  Novell  had  the 
audacity  to  point  out  that  SCO  did  not  actu¬ 
ally  own  the  Unix  copyrights. 

Even  before  this  ruling  SCO’s  case  against 
IBM  was  in  deep  trouble  after  it  was  only 
able  to  point  to  326  lines  of  possibly  infring¬ 
ing  code  in  Linux  and  after  the  court  tossed 
many  of  SCO’s  contentions  against  IBM 
(“SCO  Group’s  last  gasp?”  www.nwdocfind- 
er.com/1237). 


The  same  judge  who  ruled  that  SCO  did 
not  have  the  IPR  it  claimed  to  have  is  pre¬ 
siding  over  the  IBM  case.  According  to 
Groklaw  (www.nwdocfinder.com/1238),  the 
incredibly  well-done  site  that  has  been  fol¬ 
lowing  the  case,  he  has  ordered  the  parties 
in  that  case  present  statements  of  the 
impact  of  his  Novell  decision  on  the  IBM 
case  by  the  end  of  the  month  (www.nw 
docfinder.com/1239).  It  looks  from  these 
developments  that  the  SCO  cases  and  thus, 
SCO  itself,  are  toast. 

Because  of  the  facts  of  the  case,  we  are 
about  to  be  rid  of  a  Mini-Me-sized  company 
that  aspired  to  be  Darth  Vader  —  destroying 
Linux  and  extracting  tribute  from  IBM  and 
the  open  source  federation.  That  leaves  a 
rather  different  threat  still  pending. 
Microsoft  continues  to  hint  that  it  has  a 
Death  Star  that  is  about  ready  to  fire  on  and 
destroy  open  source.  Like  SCO,  Microsoft 
will  not  show  anyone  what  violations  they 
think  they  have  uncovered  (“Microsoft: 
Invisible  patents  as  a  uniform,”  www.nw 
docfinder.com/1240).  Maybe,  in  the  end, 
Microsoft  will  be  shown  to  have  as  little 
behind  the  curtain  as  SCO  had.  Until  then, 
lets  rejoice  that  the  end  is  near  for  one 
slime  merchant. 

Disclaimer:  Harvard  has  seen  a  lot  of  slime 
merchants  come  and  go  but  has  not 
expressed  an  opinion  on  this  one. 

Brndner  is  Harvard  University's  technology 
security  officer.  He  can  be  reached  at 
sob@sobco.com. 
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Another  CEO  falls  . . .  and  too  few  hear  will  hear 


It’s  been  just  more 
than  two  years 
since  erstwhile 
WorldCom  CEO 
Bernie  Ebbers  was 
sentenced  to  25  years 
in  prison.  And  last 
month,  former  Qwest 
CEO  Joe  Nacchio  was 
sentenced  to  six 
years  for  19  counts  of 
insider  trading,  to 
start  immediately 
(he’s  appealing,  but 
not  likely  to  prevail,  and  in  any  event  faces 
further  investigation  by  the  Securities  and 
Exchange  Commission). 

Nacchio  had  sold  Qwest  stock  ahead  of 
investors  after  learning  the  company  would 
miss  its  financial  goals,  thereby  affecting  the 
value  of  employee  pensions  and  401  (k) 
investments.  As  U.S.  District  Court  Judge 
Edward  Nottingham  put  it,  Nacchio  was 
guilty  of  “overarching  greed.”  Nacchio  is  also 
liable  for  a  $19  million  fine  and  forfeiture  of 
$52  million  in  illegally  acquired  assets. 
What’s  most  noteworthy  about  Nacchio’s 


sentencing  is  not  its  severity  —  it’s  the  ho- 
hum  response  it  garnered.  After  all  these 
years,  CEO  malfeasance  is  pretty  much  just 
more  of  the  same.  After  all,  it’s  not  like  crim¬ 
inal  CEOs  are  particularly  rare  these  days:  In 
addition  to  Ebbers,  Tyco’s  ex-CEO  Dennis 
Kozlowski  got  eight  years  for  improper  use 
of  company  funds.  Enron  CEO  Jeffrey 
Skilling  got  24  years  for  lying  to  investors, 
and  former  chairman  Ken  Lay  died  before 
he  could  get  sentenced  for  his  role  in  the 
Enron  debacle. 

Nacchio’s  sentencing  is  just  one  more 
brush  stroke  in  the  panorama  that  showcas¬ 
es  execs  as  greedy,  arrogant  and  often 
downright  criminal.  And  that’s  a  real  shame 
—  not  because  it’s  (necessarily)  inaccurate, 
but  because  trust  in  the  fairness  of  the  sys¬ 
tem  is  what’s  critical  for  financial  markets  to 
work.  It’s  the  fuel  that  funds  the  economic 
engine  from  which  we  all  earn  our  livings. 

As  I  wrote  a  few  years  back,  the  most  seri¬ 
ous  aspect  of  these  crimes  is  the  destruction 
of  public  trust.  By  creating  an  atmosphere  in 
which  leaders  can’t  be  trusted,  criminal  CEOs 
damage  not  only  shareholders,  employees 
and  customers,  but  the  entire  legal  and  eco¬ 


nomic  structure.  As  James  Stewart  wrote: 
“Violations  of  the  law  are  not  victimless 
crimes. When  [they  occur] ,  our  confidence  in 
the  underlying  fairness  of  the  market  is  shat¬ 
tered.  We  are  all  victims.” 

Stewart’s  right.  “Paper”  crimes  have  real 
consequences  —  and  to  some  extent,  we’re 
all  victims.  As  I  write  this,  global  markets  are 
experiencing  a  liquidity  crisis  —  banks  are 
afraid  to  make  loans,  and  people  who  need 
cash  can’t  get  it  —  in  no  small  part  because 
folks  have  lost  confidence  in  the  people 
and  entities  who  financed  the  recent  real- 
estate  bubble.  And  one  explanation  for  the 
increasing  popularity  of  private  equity  firms 
is  a  loss  of  confidence  in  the  fairness  of  the 
public  markets. 

When  criminally  greedy  CEOs  are  caught 
and  punished,  they  and  their  families  suffer. 
But  when  public  trust  is  diminished,  we  all 
lose.  And  sending  the  guilty  to  jail  doesn’t 
bring  back  the  trust. 

Johna  Till  Johnson  is  president  and  senior 
founding  partner  at  Nemertes  Research,  an 
independent  technology  research  firm.  She  can 
be  reached  at  johna@nemertes.com. 
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WHEN  GOOD  ENOUGH... 
IS  NOT  ENOUGH! 


QsTenG  -  Low  Latency  1 0  Gigabit  Ethernet  Switches 


Quadrics  has  a  background  in  High  Performance 
Computing  Networks  -  so  when  it  comes  to  raw 
performance  -  we  know  what  we're  taking  about. 

The  TGI 08  96  port  10  Gigabit  switch  leads  the 
market  in  ultra  low  latency  intelligent  Ethernet 
switching,  delivering  cut-through  routing  with 
latencies  as  low  as  400  ns.  Its  robust  layer-2 
switching  capabilities  and  the  ubiquity  of  Ether¬ 
net  make  the  TGI  08  the  core  switch  of  choice  for 
today's  datacenters. 


TGI  08  -  starts  at  $32,000* 

•  Modular  chassis,  1 2  line  cards  for  up  to  96 
10  GbE  ports 

•  1 0GBASE-CX4  industry  standard  interfaces 

•  2  stage  internal  fat  tree,  480  Gbit/s  backplane 
connectivity 

•  Compact  form  factor  -  8U  rack  mountable 

•  Industry  standard  CLI  and  SNMP  interfaces 


8  port  line  card 


FREE  EVALUATION  UNIT  AVAILABLE 
www.quadrics.com  -  408.955.0853 


*  price  applies  to  a  24  1 0  GbE  ports  configuration, 
redundant  controllers  and  power  supplies 
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VoIP 

continued  from  page  6 

The  problem  is  well  recognized,  and  known 
exploits  are  publicized  to  help  develop  de¬ 
fenses  against  them.  For  example,  the  industry 
group  VoIP  Security  Alliance  publishes  a  set  of 
hacking  tools  on  its  site  it  promotes  as  securi¬ 
ty  tools  that  makes  sure  VoIP  gear  can  with¬ 
stand  real-world  attacks. 

Securing  VoIP  is  not  insurmountable,  says 
Peter  Thermos,  CTO  of  security  consulting 
firm  Palindrome  Technologies.  He  revealed 
vulnerabilities  to  media  gateway  control  pro¬ 
tocol  (MGCP)  that  enable  rerouting  calls  or 
cutting  them  off.  He  also  showed  a  vulnera¬ 
bility  to  ZRTRa  pending-standard,  encrypted 
VoIP  protocol  that  didn’t  encrypt  the  sounds 
of  tones  made  by  pressing  phone  buttons. 
That  potentially  left  credit  card  numbers 
being  entered  over  VoIP  lines  open  to  being 
picked  off,  he  says. 

The  MGCP  problem  will  ultimately  require  a 
change  to  the  protocol  itself,  but  in  the  mean¬ 
time  users  can  shore  it  up  by  blocking  unau¬ 
thorized  access  to  the  ports  MGCP  uses, 
Thermos  says.The  ZRTP  problem  involved  the 
implementation  of  the  protocol  and  has  been 
addressed  with  a  patch. 

The  best  route  for  businesses  implementing 
VoIP  is  to  set  individual  security  requirements 
ahead  of  time, which  differ  among  companies, 
he  says.  A  financial  institution  or  government 
agency  may  need  confidentiality  and  there¬ 
fore  more  encryption  than  other  businesses, 
he  says. 

“The  common  mistake  I  see  is  that  cus¬ 
tomers  don’t  define  their  security  require¬ 
ments  for  their  particular  network,  realize  later 
that  they  need  security  then  perceive  it  as  an 
additional  cost, ’’Thermos  says.  Getting  security 
tools  in  place  from  the  outset  also  better 
defends  VoIP  against  threats  not  yet  discov¬ 
ered,  he  says. 

VoIP  more  secure  than  PSTN 

Despite  the  genuine  possibilities  of  attack, 
some  experts  say  that  VoIP  is  more  secure  than 
the  traditional  public  switched  telephone  net¬ 
work  (PSTN). 

“The  VoIP  system  is  much  more  secure  than 
traditional  systems,”  says  Ari  Takanen,  founder 
and  CTO  of  Codenomicon,  which  makes  soft¬ 
ware  security-testing  tools.  Speaking  at  the  re¬ 
cent  VON  Europe  2007  conference,  he 
acknowledged  VoIP  vulnerabilities,  but  said 
they  were  not  insurmountable.“IP  systems  are 
more  exposed,  but  you  have  more  security 
that  you  can  install,”  he  says.“If  you  don’t  use  it 
—  that’s  stupid.” 

Cullen  Jennings,  a  distinguished  engineer  at 
Cisco’s  VoIP  group,  who  also  spoke  at  the  con¬ 
ference,  notes  that  PSTN  caller  ID  is  easily 
spoofed,  and  toll  fraud  via  traditional  PBXs  is 
still  common. 

Jennings  says  PSTN  reliability  —  the  avail¬ 
ability  of  dial  tone  nearly  all  the  time  —  is 
one  highly  touted  measure  of  the  quality  of 


service.  But  that  does  not  mean  the  PSTN  is 
invulnerable  or  even  better  than  VoIP  “I’m 
not  claiming  the  PSTN  does  not  meet  its 
[reliability]  goals,”  he  says,  but  that  has  no 
bearing  on  whether,  for  example,  caller  ID 
can  be  spoofed.  “If  the  core  network  went 
down  it  doesn’t  matter  if  the  threat  was  to 
caller  ID,”  he  says. 

Big  threats 

The  top  threats  to  VoIP  listed  by  the  VON 
panel  were: 

•  Zero-day  problems  for  which  vendors  have 
not  yet  issued  a  fix. 

•  Security  not  being  turned  on  because  it  is 
too  complex. 


PDF  spam  leads  the 
charge  into  in-boxes  as 
content  filtering  falters 

BY  CARA  GARRETSON 

There  is  17%  more  spam  heading  for  in-boxes 
today  than  there  was  yesterday  and  spam 
watchers  say  it  could  get  even  worse  before 
the  summer  is  over. 

Reports  from  security  vendors  that  trap  un¬ 
wanted  messages  in  their  spam  filters  are  bor¬ 
dering  on  the  hysterical  as  new  data  emerges 
daily  regarding  just  how  bad  the  spam  epi¬ 
demic  has  become.  PDF  spam,  the  latest  trick, 
is  leading  the  charge  and  destined  to  become 
this  year’s  version  of  image  spam  that  fooled  fil¬ 
ters  and  clogged  in-boxes  for  a  good  part  of 
2006. 

As  the  spam  barrage  continues  and  spam¬ 
mers  come  up  with  one  new  trick  after  the 
next,  some  question  whether  scanning  an 
e-mail  message’s  content  is  still  an  effective 
way  of  detecting  unwanted  messages. 

“The  growth  (and  now  peak)  of  image-based 
spam  is  just  another  outgrowth  of  the  ever- 
changing  spammer  dynamic.  We  have  seen 
some  PDF-based  spam,  and  I  expect  it  to  grow 


ONLINE:  Antispam  buyer's  guide 

This  Buyer's  Guide  comprises  enter¬ 
prise  level  gateway  and  client-side 
antispam  products  and  services.  If  a 
product  fights  spam,  it  is  eligible  to  be 
listed  in  Network  World's  constantly 
updated  guide. 

www.nwdocfinder.com/1059 


•  Vendor-specific  vulnerabilities  that  are  not 
addressed  by  best  practices. 

Ultimately  businesses  will  not  turn  their 
backs  on  VoIP  because  they  are  worried  about 
security,  says  Akif  Arsoy,  a  VoIP  product  manag¬ 
er  for  VeriSign. They  will  adopt  it  for  integrated 
voice  and  data  in  a  converged  network.  “End 
users  make  decisions  on  what  am  I  getting 
[with  VoIP]  that  I’m  not  getting  today”  with  tra¬ 
ditional  voice?  Arsoy  says. 

Even  so,  expect  more  VoIP  exploits  to  emerge 
over  the  near-term,  says  Thermos,  who  already 
identified  more  signaling  protocol  weakness¬ 
es  and  implementation  vulnerabilities.  “We’re 
just  touching  on  the  beginnings  of  many 
exploits  that  will  be  coming,”  he  says.B 


more.  However,  it  simply  represents  another 
‘tool  in  the  arsenal’  for  the  typical  spammer]’ 
says  David  Salbego,  Unix  and  operations  man¬ 
ager  of  computing  and  information  systems 
with  Argonne  National  Laboratory  a  division  of 
the  Department  of  Energy  (DOE)  operated  out 
of  the  University  of  Chicago.“Ultimately  filtering 
spam  at  the  content  level  will  become  less  and 
less  effective.  A  better  way  to  control  spam  is  by 
considering  the  source  of  the  message  —  the 
IP  address  of  the  mail  server  attempting  to 
deliver  the  message.” 

Most  messaging  security  vendors  now  em¬ 
ploy  a  number  of  techniques  to  catch  spam, 
including  relying  on  reputation  services,  which 
assign  a  score  to  sending  IP  addresses  based 
on  that  address’s  past  behavior.  But  no  combi¬ 
nation  of  techniques  is  foolproof,  and  every 
time  spammers  try  a  new  trick  e-mail  users  suf¬ 
fer  until  the  vendors  catch  on  to  the  trick  and 
find  a  way  to  block  those  messages. 

For  example,  after  a  few  years  of  spam  vol¬ 
umes  on  the  decline,  e-mail  users  were  hit  with 
a  sharp  rise  in  spam  last  fall,  when  spammers 
figured  out  that  by  embedding  text  inside  an 
image  file  they  could  fool  content  filters.  At  the 
same  time  there  was  a  significant  rise  in  spam¬ 
mers’  use  of  botnets,  armies  of  PCs  taken  over 
by  malware  and  turned  into  spam  servers  with¬ 
out  their  owners  realizing  it.  That  can  confuse 
reputation  services,  because  IP  addresses  that 
previously  had  clean  reputations  suddenly 
start  sending  out  thousands  of  messages  at 
once. Those  tricks  combined  accounted  for  as 
much  as  an  80%  rise  in  spam  levels  last 
October,  according  to  spam  watchers. 

Now,  as  antispam  filters  have  been  updat¬ 
ed  to  catch  image  spam,  spammers  have 
moved  on. 

According  to  Secure  Computing,  which 
reported  the  17%  jump  in  spam  levels  today 

See  Spam,  page  24 


Spam  continues  to  hit 
record  levels 
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Introducing  the  fastest  chip  on  earth! 

Two  years  ago,  Sun  revolutionized  the  microprocessor  industry  with 
our  first  multicore  CPU,  the  UltraSPARC®  Ti  “Niagara,”  which  delivered 
the  highest  throughput  and  lowest  power  consumption  of  any 
processor  available. 

Now  we're  doubling  that  performance,  crushing  benchmarks  and  power 
bills  with  the  fastest  commodity  silicon  the  industry  has  ever  seen:  the  Sun 
UltraSPARC  T2.  EIGHT  cores,  EIGHT  threads  per  core— a  64-WAY  computer 
on  one  chip!  — combined  with  onboard  10  GigE,  built-in  virtualization  and 
wire-speed  crypto  support  to  gulp  even  more  data.  While  sipping  energy. 

The  UltraSPARC  T2— commodity  silicon  without  commodity  performance. 

Learn  more  about  the  UltraSPARC  T2  processor  at  sun.com/t2chip. 


Sun 

microsystems 


soiaris 


ULTRASPARC 


Call  your  local  Sun  Sales  Representative,  Sun  Authorized  Partner  or  888.516.9362. 

Benchmark  information  can  be  found  at  sun.com/tl  Sun  disclaims  any  responsibility  for  emotions  or  medical  conditions  elicited  by  Niagara  performaiKe  or  availability.  Those  sensitive  to  shocking  revelation  are  recommended 
to  read  this  ad,  and  any  further  information  related  to  UltraSPARC  T2,  while  in  the  seated  position.  ©  2007  Sun  Microsystems,  Inc.  All  nghts  reserved.  All  logos  and  trademarks  are  property  of  their  respective  owners. 
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Citrix 

continued  from  page  6 

“For  Citrix,  [WSV]  becomes  the  base  operat¬ 
ing-system  component  for  its  next  business,  just 
as  Windows  Terminal  Server  has  been  for  Pre¬ 
sentation  Server’’ according  to  a  note  authored 
by  451  Group  analysts  William  Fellows,  Rachel 
Chalmers  and  John  Abbott. 

In  that  Microsoft/Citrix  partnership  around 
thin-client  technology  Citrix  has  access  to 
Microsoft  source  code  via  a  deal  where  it 
licensed  its  thin-client  technology  to  Microsoft 
for  the  early  versions  of  Terminal  Server.  Citrix 
now  uses  that  insider  information  to  build 
tools  for  the  platform  that  Microsoft  does  not 
offer,  a  business  that  nets  the  company  more 
than  $1  billion  annually 

The  same  model  is  ripe  to  exploit  through 
the  XenSource  acquisition  given  a  June  2006 
deal  between  Microsoft  and  XenSource  where 
the  latter  gained  access  to  Microsoft  APIs  in 
order  to  build  management  tools  that  work 
across  the  Xen  and  Microsoft  hypervisors,  a 
thin  layer  that  runs  on  the  server  hardware. 

“The  hypervisor  is  a  commodity  of  sorts;  it  is 
what  is  around  it  that  is  interesting,”  says 
Gordon  Haff,an  analyst  with  llluminata. 

Haff  says  that,  while  users  understand  the 
cost  benefits  of  virtualization,  what  IT  will  real¬ 


ly  care  about  is  having  one  tool  set  to  mange 
physical  machines,  virtual  machines  and  all 
the  infrastructure  they  need  to  operate,  includ¬ 
ing  failover,  backup,  storage,  load  balancing 
and  firewalls. 

“It’s  not  about  server  virtualization,”  says 
Frank  Gillett,  an  analyst  with  Forrester  Re¬ 
search, “it’s  about  when  I  have  virtual  servers  I 
can  completely  change  how  I  think  about  IT 
infrastructure.  When  1  move  virtual  servers 
around,  I  have  to  have  storage  that  is  not  only 
networked  but  flexible,  so  when  I  move  the  vir¬ 
tual  server,  the  storage  connections  go  with  it 
and  ditto  for  VLans,  load  balancing,  SSL  accel¬ 
eration  and  firewalls.” 

Gillett  also  noted  that  VMware’s  Infrastructure 
3  platform  includes  backup,  file  system,  and 
rapid-recovery  tools.  XenSource  last  week  also 
added  management  tools  as  part  of  its 
XenEnterprise  v4  that  include  resource  pool¬ 
ing  and  live  migration  via  XenMotion.  In  addi¬ 
tion,  XenSource  recently  teamed  with  Syman¬ 
tec  to  integrate  Veritas  Storage  Foundation. 

But  there  are  challenges  awaiting  the 
Citrix/XenSource  union,  according  to  experts. 

“Citrix  on  the  data-center  side  is  entering 
new  markets  with  new  buyers  and  new  value 
propositions,  and  there  is  a  lot  to  pull  together’’ 
Forrester’s  Gillett  says.  “What  is  at  stake  here  is 
the  battle  over  who  controls  the  software  that 


controls  the  data  center!’ 

In  addition,  while  Microsoft  might  be  a  some¬ 
times  friend  on  the  server  side,  on  the  desktop- 
virtualization  side,  it  shapes  up  more  as  a  foe 
with  its  SoftGrid  tools  for  application  virtual¬ 
ization  and  integration  with  Terminal  Server. 

Citrix/XenSource  also  will  have  to  contend 
with  the  Linux  vendors,  most  notably  Novell 
and  Red  Hat,  who  have  incorporated  the  open 
source  Xen  hypervisor  into  their  operating  sys¬ 
tems  and  built  management  tools  around  it. 

Novell  has  built  its  ZenWorks  Orchestrator 
tool  for  cross-platform,  cross-hypervisor  man¬ 
agement  and  carved  out  deals  with  BMW  Casio 
and  Japan’s  Sumitomo  Electric.  Red  Hat  also 
has  built  tools, such  as  provisioning  and  storage 
virtualization,  into  its  platform  and  last  week 
added  Swisscom  IT  to  its  Xen  customer  list. 

There  could  be  other  challenges,  including 
more  mergers  and  acquisitions. 

“Could  this  deal  be  a  prelude  to  the  acquisi¬ 
tion  of  Citrix  by  Microsoft?,”  the  451  Group 
asked  in  its  research  note.  “That  way  Microsoft 
distances  itself  from  the  awkward  GPL  aspects 
of  what  XenSource  does  [with  open  source 
Xen],  fuses  its  own  server-consolidation  story 
into  a  credible  Virtualization  desktop  utility’ 
stack,  and  —  not  least  —  gets  its  hands  on  the 
lucrative  $1  billion  enterprise  Windows  rev¬ 
enues  now  generated  by  Presentation  Server!’ ■ 


Citrix  goes  shopping 

Citrix  is  wasting  no  time  building  out  its  technology  empire.  Here  is  a  sample  of  the  company’s  buys. 


Acquisition  target: 

XenSource 

Caymas 

Systems* 

Orbital 

Data 

Teros 

NetScaler 

Net6 

Expertcity 

Deal  announced: 

August  2007 

$500  million 

June  2007 

August  2006 

November 

2005 

June  2005 

November 

2004 

December 

2003 

What  Citrix  paid: 

Undisclosed 

$50  million 

$27.4  million 

$300  million 

$50  million 

$225  million 

What  Citrix  gets: 

Server-  and 
desktop- 
virtualization 
technology. 

Network 

access- 
control  and 
SSL VPN 
technology. 

WAN- 

optimization 

technologies. 

XML  security 
and  appli¬ 
cation  fire¬ 
wall  soft¬ 
ware. 

Application- 

acceleration 

technology. 

SSL VPN 

access 
gateway  and 
VoIP 

technologies. 

Web-based 

desktop 

access 

technology. 

*Remaining  assets  of  defunct  company 


Spam 

continued  from  page  22 

over  yesterday,  spam  currently 
accounts  for  88%  of  all  e-mail 
traffic  and  PDF  spam  makes  up 
11%  of  that  figure.  With  current 
spam  levels  close  to  the  all-time 
high  of  90%,  Secure  Computing 
predicts  that  record  will  be 
matched  or  broken  in  the  next  30 
days,  according  to  a  company 
representative. 

Messaging  security  service  pro¬ 
vider  Postini  says  it  saw  the  biggest 


spam  blast  ever  from  Aug.  7-9.  The 
blast,  launched  from  a  botnet, 
combined  two  popular  spam 
tricks;  attached  to  the  e-mail  mes¬ 
sage  was  a  PDF  file  that  many  fil¬ 
ters  can’t  read  to  determine 
whether  the  content  is  spam,  and 
the  attached  file  was  a  “pump  and 
dump”  scheme  that  promoted 
buying  the  stock  of  a  company 
called  Prime  Time  Group. 

During  this  spam  blast, spam  vol¬ 
ume  jumped  53%  in  one  day  says 
Fbstini,  and  the  value  of  Prime 
Time  Group’s  stock  climbed  20%, 


leaving  the  spammer  —  who  likely 
sold  the  stock  once  the  price  was 
adequately  inflated  —  a  lot  richer. 

Meanwhile,  spam  watchers  at 
McAfee  have  already  spotted  a 
trend  within  the  PDF  spam  trend. 
On  Aug.  10  the  McAfee  Avert  Labs 
blog  told  of  FDF  spam,  messages 
that  use  the  file  extension  .FDF 
instead  of  .PDF;  most  likely  in  an 
attempt  to  fool  antispam  filters 
that  have  been  updated  to  scan 
PDFs  for  signs  of  spam. 

Proofpoint  on  Tuesday  reported 
that  PDF  spam  has  grown  from  5% 


of  all  spam  when  it  was  first 
detected  in  late  spring  to  its  cur¬ 
rent  25%  of  all  spam.  The  compa¬ 
ny  also  announced  that  its  anti¬ 
spam  technology  has  been  updat¬ 
ed  to  catch  PDF  spam  as  well  as 
other  forms  of  “attachment  spam,” 
such  as  those  with  attached  Excel 
files  that  contain  text,  as  have  a 
handful  of  other  antispam  ven¬ 
dors. 

And  so  users  of  those  upgraded 
products  will  be  protected,  until 
spammers  come  up  with  their 
next  trick.B 
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The  Sun  Blade™  6000  system  delivers  the  fastest  performance,  ease 
of  scalability  and  energy  efficiency  — and  features  UltraSPARCf 
AMD  Opteron,"  and  Intel®  Xeon®  processors.  Run  any  major  operating 
system  anywhere  in  the  datacenter,  all  with  the  server  that's 
revolutionized  the  blade  category. 


For  25%  off  a  Sun  Blade  Starter  Kit  or  for  information  on  a  free 
6o-day  trial,  go  to  sun.com/getsunblades. 
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The  Industry's  Most  Open, 

Versatile  Enterprise  Blade  Platform 


Call  your  local  Sun  Sales  Representative,  Sun  Authorized  Partner  or  (888)  516-9362. 

©  2007  Sun  Microsystems,  Inc.  All  rights  reserved.  All  logos  and  trademarks  are  property  of  their  respective  owners. 
Benchmark  information  can  be  found  at  sun.com/servers/blades/6ooo/benchmarks. 
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Part-time  jobs  scarce  in  IT 

Unique  demands  of  profession  cited  for  lack  of  20-hour-a-week  opportunities 


BY  CARA  GARRETSON 

The  lazy  days  of  summer  might  have  you 
thinking  about  how  nice  it  would  be  to  cut 
back  on  your  work  hours  —  permanently 
However,  unlike  many  professions  where 
opportunities  for  part-time  workers  are  grow¬ 
ing  steadily,  most  employers  would  rather  their 
IT  staff  work  more  hours,  not  fewer. 

Because  of  the  nature  of  supporting  tech¬ 
nology  users,  which  because  of  its  urgency 
and  complexity  is  often  more  than  a  full-time 
job,  and  the  fact  that  there  are  almost  more 
available  jobs  than  IT  professionals  —  tech¬ 
nology  job  placement  firm  Robert  Half 
Technology  says  the  IT  unemployment  rate  is 
less  than  2%  —  companies  are  less  apt  to  let  a 
valuable  IT  professional  cut  back  on  hours 
than,  say,  an  accountant  or  marketer. 

Case  in  point;  on  Aug.  1  CareerBuilder.com 
listed  717  part-time  positions  in  IT,  while  there 
were  1,718  part-time  accounting  positions 
available  and  4,815  part-time  nursing  positions. 

“IT  problems  are  24  hours  a  day  365  days  a 
year”  says  Ilyse  Shapiro,  founder  of  MyPart 
TimePro.com,  a  Web  site  launched  in  March 
designed  to  connect  experienced  profession¬ 
als  in  a  variety  of  industries  with  employers 
looking  for  part-time,  flexible,  virtual  or  sea¬ 
sonal  employees. 

Shapiro  says  there  are  very  few  companies 
looking  for  permanent,  part-time  IT  help. “With 
BlackBerries  and  laptops,  everybody  is  work¬ 
ing  24  hours  a  day,  so  I’m  not  seeing  as  many 
part-time  positions  as  I  would  like  to  in  this 
field.” 

One  IT  professional  says  that  because  the 
job  isn’t  task-based  —  rarely  is  something  truly 
“finished”  in  IT  —  it’s  difficult  to  quantify  the 
work  involved  and  therefore  hard  to  come  up 
with  a  scaled-back  version  of  the  position. 

“A  big  component  of  IT  work  is  ongoing  sup¬ 
port,  even  after  the  project  or  task  is  complet¬ 
ed,  which  doesn’t  lend  itself  ...  to  part-time 
help,”  says  Richard  Cummins,  director  of  the 


ONLINE:  Network  Management 
drives  the  agile  enterprise 

Business-services  management  can 
be  a  strategic  way  to  link  business 
demands  with  technology's  power  . . . 
when  you  have  the  secrets  and  solu¬ 
tions  of  new  generation  of  technology. 
What  works?  What’s  next?  Join  us 
Sept.  6  at  IT  Roadmap:  Dallas.  Qualify 
to  attend  free  at: 
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technology  services  group  with  Community 
Medical  Centers’  corporate  information  sys¬ 
tems  in  Fresno,  Calif. 

Another  issue  is  the  frequency  with  which  IT 
professionals  need  to  be  trained  and  re¬ 
trained.  “To  remain  competitive  in  the  IT  mar¬ 
ket,  especially  as  an  engineer,  it  requires  a  lot 
of  hands-on  training  on  a  full-time  basis.” 

Another  reason  that  may  contribute  to  the 


scarcity  of  part-time  IT  jobs  is  the  abundance 
of  contract  or  project-based  work  available. 
MyPartTimePro.com’s  Shapiro  believes  this  is 
because  technology  needs  can  be  very  specif¬ 
ic  —  an  XML  developer  or  Oracle  database 
administrator,  for  example  —  and  employers 
often  want  the  flexibility  to  bring  on  a  skilled 
professional  with  the  sole  purpose  of  com¬ 
pleting  a  project,  instead  of  having  to  train 
someone  on  staff. 

Support  on  demand 

Occasionally  companies  will  hire  extra  IT 
workers  with  limited  hours  to  provide  addi¬ 
tional  support  on  a  help  desk,  says  Brian 
Gabrielson,  vice  president  with  Robert  Half 
Technology,  especially  those  companies  with 
customer-facing  help  desks  that  need  more 
workers  during  crunch  times.  And  growing 
companies  with  changing  needs  may  hire  a 
part-time  IT  professional  before  they  see  the 
need  for  a  full-time  staffer.  But  otherwise  there 
is  little  demand  from  employers  or  job  seekers 
for  part-time  IT  positions,  he  says. 

While  many  trained  and  experienced  IT 
professionals  have  reasons  to  avoid  full-time 
employment  —  needing  to  care  for  children 
or  elderly,  wanting  to  take  partial  retirement, 
or  preferring  to  work  from  home  —  few  em¬ 
ployees  are  developing  positions  intended  to 
be  both  part  time  and  permanent,  Shapiro 
says.  Instead  what  often  happens  is  a  job 
applicant  or  existing  employee  proposes  the 
idea  of  working  part  time,  which  often  results 
in  squeezing  the  responsibilities  of  a  full-time 
position  into  less  than  40  hours  a  week,  she 
says. 

According  to  one  career  analyst,  the  avail¬ 
ability  of  part-time  permanent  IT  positions  has 


more  to  do  with  the  culture  of  a  given  employ¬ 
er  than  the  nature  of  the  job. 

“Whether  or  not  an  organization  can  use 
part-time  jobs  is  a  part  of  its  imagination,”  says 
Diane  Morello,  vice  president  with  Gartner. 
“The  question  is  whether  an  organization  has 
any  interest  in  hiring  part-time  [workers], 
more  than  whether  the  job  is  suitable  for  it.” 

But  with  such  a  low  unemployment  rate 


among  IT  professionals,  companies  that  don’t 
traditionally  hire  part-time  professionals  will 
have  to  start  becoming  more  flexible  if  they 
want  to  attract  talent,  Gabrielson  adds. 

“That  low  rate  has  got  to  get  people  thinking 
creatively  about  the  problem,”  he  says. 

During  these  first  few  months  of  MyPartTime 
Pro.com’s  existence,  Shapiro  says  she  does  a 
lot  of  educating  about  the  benefits  of  part-time 
professionals  when  approaching  companies 
about  posting  jobs  on  her  site,  which  currently 
focuses  on  positions  available  in  the  New  York 
to  Philadelphia  corridor,  but  plans  to  extend 
nationally  by  year-end. 

“I’m  trying  to  open  their  eyes  . . .  they  might 
be  fully  staffed  now,  but  in  six  months  or  a  year 
or  two  years  they  might  not  be,” she  says.“There 
are  retirees,  mothers,  caregivers,  huge  popula¬ 
tions  of  people  who  have  tremendous  experi¬ 
ence  but  just  can’t  work  full  time.” 

Meanwhile,  other  industries  that  are  expe¬ 
riencing  or  are  soon  to  experience  employ¬ 
ment  shortfalls  have  looked  to  part-time 
professionals  to  meet  their  needs,  particu¬ 
larly  healthcare,  law  and  accounting,  she 
says.  For  example,  many  law  firms  have  cho¬ 
sen  to  keep  former  full-time  employees  that 
want  to  go  part  time  rather  than  incur  the 
expense  of  retraining  new  workers  —  an 
example  that  employers  in  need  of  IT  help 
could  learn  from.H 
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**With  BlackBerries  and  laptops,  everybody  is 
working  24  hours  a  day,  so  I’m  not  seeing  as 
many  part-time  positions  as  I  would  like  to  in  this 
field.” 

Ilyse  Shapiro 

Founder  of  MyPartTimePro.com 
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Outlook  to  iCal,  but  not  automatically 

i 


Mark  Gibbs 


s  it  too  much  to  ask?  All  I  want  to  do  is  to 
extract  new  calendar  items  from  Outlook 
in  iCal  format  every  day  at  a  set  time.  The 
reason:  I  am  planning  to  buy  a  big,  new  Mac 
Pro  (dual  3.0GHz  quad  core,  dual  graphics 
GEARHEAD  cards,  8GB  RAM  —  yes,  greed  is  an  ugly  ugly 
thing)  so  that  I  can  run  VMware  Fusion  to  host 
guest  OSs  (including  multiple  copies  of  XP 
and  Vista)  alongside  OS  X,  which  is  now  my 
favorite  desktop  environment. 

As  a  result,  I  will  be  able  to  have  oneVM  running  XP  with  Office  and 
other  core  tools  and  have  other  VMs  with  Vista 
and  XP  to  run  all  the  weird  applications  I  test. 

Should  any  guest  OS  get  trashed,  I  can  just  roll 
back  theVM  image  to  a  previous  state.  A  bonus 
will  be  the  opportunity  to  migrate  over  to 
iCalendar  on  OS  X,  which  is  far  prettier  than 
Outlook.  Better  still,  if  1  use  IMAP  instead  of 
POP3, 1  should  be  able  to  jump  between  sys¬ 
tems  with  wild  abandon  while  still  having  e-mail  access. 

Better  better  still,  this  will  not  only  allow  data  sharing  between 
Outlook  and  iCalendar,  but  also  with  the  wonderful  PHP  iCalendar, 
(www.nwdocfinder.com/1242),  which  is  just  as  pretty  as  Apple’s  iCal. 

Anyway  it  shouldn’t  have  been  too  hard  to  figure  out  how  to  solve  the 
Outlook-to-iCal  part,  should  it?  Well,  unfortunately,  it  was. 

Microsoft,  in  its  usual,  inimitable  way  designed  Outlook  so  it  can 
import  iCal  files  but  provided  no  support  for  exporting  iCal  data.  You 
can  imagine  Steve  Ballmer  way  back  when  the  company  was  designing 
Outlook  rubbing  his  hands  and  mumbling, “We  will  suck  in  all  data,  but 


Installing  this  macro  is  easy 
. . .  but  what  I  want  is  a 
regularly  scheduled  export. 


we  will  never  let  it  go  ...  we  shall  rule  until  the  mountains  crumble,  but 
that  won’t  matter,  because  by  then  we’ll  own  them,  too,  mwah-ha-ha-ha!” 

I  started  by  looking  for  an  Outlook  macro  that  could  extract  to  iCal 
and  found  the  excellent  outlook2ical,  (www.nwdocfinder.com/1243) 
written  by  Norm  Jones.  This  is  a  Visual  Basic  macro  that  can  export 
appointments  from  an  Outlook  calendar  to  an  iCal  formatted  file  (that’s 
an  .ics  extension). 

Outlook2ical  can  export  all  appointments  in  a  calendar  or  just  those 
categories  you  specify.  Because  it  is  written  in  VB,  it  could  be  easily 
modified  to  make  the  selection  of  categories  predefined. 

Installing  this  macro  is  easy,  and  it  really  works  as  an  on-demand 

solution.  But  what  I  want  is  a  regular  sched¬ 
uled  export.  And  here’s  where  you  run  up 
against  a  brick  wall:  Outlook’s  object  model 
doesn’t  support  an  onTimer  function  (see 
Microsoft’s  fairly  useless  support  article  on 
the  topic  at  www.nwdocfinder.com/1244). 

An  external  program  could  do  the  extract, 
except  for  one  thing:  As  soon  as  the  program 
tries  to  access  the  Outlook  data,  Outlook  requires  you  confirm  that 
you  want  to  allow  access,  which  means  that  the  process  can’t  be 
automated. 

So  I  haven’t  yet  been  able  to  figure  out  how  to  make  this  work.  It 
shouldn’t  be  that  hard,  but  it  turns  out  it  is,  as  far  as  I  can  figure  out, 
impossible. 

Anyone  have  any  suggestions? 

Gibbs  really  should  get  away  from  using  Outlook  but  old  habits  die 
hard.  Tell  him  your  solution  at  mgibbs@gibbs.com. 


Use  USB  to  connect  that  monitor 


The  scoop:  LG  L206WU,  by  LG  Electronics, 
pricing  not  yet  announced. 

What  it  is:  This  monitor  looks  like  a  standard 
widescreen,  flat-panel  monitor  —  until  you 
notice  it  can  connect  to  a  computer  via  USB 
c^ic 

COOL  Why  it’s  cool  :  Yes,  you  read  that  correctly. The 

^ “  monitor  is  one  of  the  first  of  its  kind  that  includes 
USB  as  a  connection  option,  in  addition  to  VGA  and  DVI-D  ports. 
Through  a  partnership  with  DisplayLink,  the  USB  option  lets  IT  depart¬ 
ments  connect  multiple  monitors  to  a  system  without  having  to  buy 
additional  video  cards  and  cables.  In  addition,  with  a  VGA-to-USB 
adapter,  the  DisplayLink  software  lets  IT  managers  attach  older  moni¬ 
tors  to  the  computer  (also  without  needing  a  new  video  card). 

The  technology  has  three  components  —  a  virtual  graphics  card,  the 
DisplayLink  Protocol  and  a  hardware-rendering  ASIC.  DisplayLink  says 
the  virtual  graphics  card  communicates  with  and  takes  input  from  the 
PC’s  graphics  API,  translating  it  into  the  DisplayLink  Protocol  for  com¬ 
municating  across  the  USB  cable. 

The  company  says  this  eventually  could  work  over  Wi-Fi,  Ethernet  or 
WiMedia,  opening  up  scenarios  where  the  monitor  doesn’t  need  to  be 
next  to  the  PC.  The  system  supports  resolutions  of  as  high  as  1,680  by 
1 ,200  pixels,  32-bit  graphics  and  DVD-quality  video  playback. 

Installation  was  simple:  1  plugged  the  USB  cable  from  the  L206WU 
monitor  into  my  test  notebook,  then  installed  the  DisplayLink  software. 
Another  cool  feature:  Once  the  software  is  installed,  you  can  attach  as 
many  as  three  screens  simultaneously,  as  long  as  the  monitors  have  the 
hardware-rendering  ASIC.  This  means  that  five  simultaneous  displays 
are  possible  (three  via  USB,  the  notebook  screen  and  one  screen 
attached  via  the  VGA  or  DVI-D  port). 

The  20. 1-inch  widescreen  monitor  is  impressive, even  without  the  USB 
connection.  It  includes  resolutions  of  as  high  as  1,680  by  1,050  pixels 
and  has  a  5,000:1  contrast  ratio  and  a  2-msec  response. 


LG’s  new  L206WU  monitors  can  connect  via  USB. 

Some  caveats:  DisplayLink  says  its  technology  is  geared  for  informa¬ 
tion  workers  and  general  consumers.  High-end  graphics  applications 
and  full-screen  3-D  games  may  suffer,  because  these  applications  con¬ 
sume  all  of  a  PC’s  processing  power,  leaving  nothing  for  the  virtual  graph¬ 
ics  card  (the  same  goes  for  Blu-ray  Disc  video).  For  general-purpose 
applications,  such  as  Office  and  for  Web  browsing  —  and  even  for 
searching  Google  Earth  or  watching  a  regular  DVD  —  the  USB  works 
well.  Its  support  for  Windows  Vista  is  limited,  but  the  company  says  its  dri¬ 
ver  is  undergoing  testing  at  Microsoft  to  support  the  Vista  Aero  interface. 

Bottom  line:  This  is  cool  technology  that  gives  IT  departments  a  way 
to  provide  employees  with  multiple  monitors  without  having  to  spring 
for  expensive  upgrades  —  because  they  can  use  older  monitors  that 
are  just  sitting  in  a  closet. 

Grade:  ★★★★★(out  of  five) 

Shaw  can  be  reached  at  kshaw@nww.com.  New  Cool  Tools  video 
show  every  Thursday,  and  Twisted  Pair  podcast  at  www.network 
world.com. 
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Get  the  latest  facts  and  data  on: 


Worldwide  Adoption — how  access  technolo¬ 
gies  now  deliver  Ethernet  to  every  door 

Migration  Trends — showing  where  agile 
enterprises  are  leading  and  why 

Legacy  Support — mapping  the  path  of 
current  technologies  well  into  the  future 
You’ll  explore  exciting  new  deployments... 

New  Applications— what’s  suddenly  possible 
and  now  critically'  important 

Best  Practices — that  unleash  the  new  power 
and  freedom  of  “infinite”  bandwidth 

Benchmarks — establishing  next-generation 


standards 
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It  frees  your  enterprise  from  the  limits  of  place,  space  and  capacity  It 
makes  the  world  your  “local  area”  linking  far-flung  offices  and  remote 
customer  sites.  It  connects  applications  seamlessly  and  reliably  across 
nations,  borders,  and  continents. 

Analysts  predict  massive  and  continuing  growth.  Service  providers  are 
leaping  at  opportunities  to  offer  it.  Early  adopters  are  gaining  infinitely- 
available,  instantly-scalable  bandwidth  for  mission-critical  apps. 

It’s  Carrier  Ethernet.  Transforming  business  from  a  familiar  platform 
that  has  been  given  extraordinary  new  power.  And  you  are  invited  to 
discover  it  all  at  a  once-in-a-generation  spotlight  event  that  introduces 
Carrier  Ethernet  — The  Birth  of  the  New  Global  Network  to  America. 


TO  ACCEPT  AND  ATTEND  FREE 

www.networkworld.com/MEF7A1  or  cat!  1-800-643-4668 
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DON 

TAPSC0TT 


Register  for  the  seminar  now  to  hear  an  outstanding  opening  keynote:  The  Collaborative  Economy 
and  a  New  Era  in  Business  Communications. 

DON  TAPSC0TT  and  ANTHONY  WILLIAMS  (respectively  CEO  and  VP  of  the  New  Paradigms  think  tank)  coauthored  Wikinomics: 
How  Mass  Collaboration  Changes  Everything  -  described  by  Tom  Peters  as  “Must  read  #1,  2007— period.  This  is  a  breathtaking 
piece  of  work."  Don,  an  enthralling  and  inspired  orator,  is  an  internationally  renowned  authority  on  the  strategic  value  and  impact 
of  information  technology,  while  Anthony’s  seven  models  of  mass  collaboration  provide  a  myriad  of  ways  to  harness  external 
knowledge,  resources,  and  talent  tor  greater  competitiveness.  How  can  businesses  tap  the  full  potential  of  the  emerging  networked 
economy  and  what  is  really  needed  to  exploit  the  flexibility,  cost  savings  and  quality  of  service  that  Carrier  Ethernet  offers? 


ANTHONY 

WILLIAMS 


*  Don  Tapscott  keynotes  in  New  York  and  Anthony  Wilson  in  Chicago  and  Los  Angeles. 


ONLINE 


For  years,  Inttra,  an  e-commerce  logistics  provider 
to  the  worlds  largest  cargo  shipping  organiza¬ 
tions,  has  been  using  virtualization  on  its  back¬ 
end  IBM  mainframe  and  Citrix  Systems  servers  in 
a  secure  environment.  Now  the  Parsippany,  N.J., 
company  primarily  uses  IBM  blade  servers  run- 


Virtual  system,  real  risk 
Story  begins  at  right 

Tracking  app  performance 
in  a  virtual  world 


Go  to  www.nwdodinder.com/1228 
for  these  New  Data  Center 
exclusives: 

Virtualization  podcasts: 


VIRTUAL  SYSTEM, 

REAL  RISK 

Experts  say  it's  only  a  matter 
□f  time  before  malware  writers 
weasel  their  way  into  the 
virtual  machine  monitor  - 
then,  watch  out! 


BY  DEB  BADCLIFF 


Addressing  the  challenge  takes 
new  tools  that  combine  specialized 
server  management  and  traffic- 
flow  know-how,  NetForecast 
analysts  say.  Page  35 

ADP  CTO:  Take  the  slow 
road  to  virtualization 
This  IT  exec  worries  about  rushing 
into  virtualization  before  under¬ 
standing  all  the  ramifications. 

That's  why  he's  first  automating 
change  management.  Page  39 

10  virtualization  companies 
to  watch 

These  technology  innovators 
promise  products  that  boost  per¬ 
formance,  make  management 
easier  or  otherwise  enhance  your 
virtualization  experience.  Page  42 

The  pluses  of  virtualization 
at  the  chip 

As  vendors  tap  into  hardware 
assists  from  Intel  and  AMD,  enter¬ 
prise  customers  see  more  options 
and  lower  costs.  Page  48 


Tune  in  to  these  New  Data  Center 
programs,  part  of  our  ongoing 
Network  World  Panorama  series. 
+  AND!  MANN,  analyst  with 
Enterprise  Management 
Associates:  Management  gotchas 
and  other  virtualization  sticking 
paints. 

+  DAVID  ROTH,  CED,  Trigence: 

Why  application  virtualization  one 
day  will  be  ubiquitous. 

+  CRAIG  STOUFFER,  vice  president 
of  worldwide  marketing,  Silver 
Peak  Systems:  Virtualization  as  a 
disaster-recovery  best  practice. 

File  storage  virtualization, 
on  the  whiteboard:  A  how-it- 
works  video  presentation  with 
Acopia  Networks  CTD  Hick  Gillett 

7  layers  of  virtualization: 

In  this  slide  show,  Enterprise 
Management  Associates  shows 
conceptual  models  for  virtualiza¬ 
tion  across  various  layers,  from 
the  operating  system  to  the  desk¬ 
top  and  beyond. 


NDC  Insight:  Virtual  Microsoft 
Critics  repeatedly  have  beaten  up 
Microsoft  over  its  virtualization 
plans.  In  this  Q&A,  Mike  Neil,  the 
technology's  chief,  deflects  the 
punches.  Page  53 


Cast  your  vote:  Has  hardware- 
assisted  virtualization  changed 
your  technology  decisions? 
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ning  virtual  Linux  machines.  VMware’s  virtualiza¬ 
tion  technology  on  an  Intel  platform  powers  this 
New  Data  Center  infrastructure. 

John  Debenedette,  Inttra’s  vice  president  of  IT,  says  he  felt  he 
could  keep  a  virtualized  data-center  environment  secure  while 
emulating  established  best  practices  (see  “Best  practices  in  secur¬ 
ing  virtual  machines,”  page  34).  He’s  not  ready  however,  to  risk  run¬ 
ning  virtual  Web  servers  outside  his  DMZ.  Nor  is  he  ready  to  allow 
virtual  machines  on  the  endpoints,  which  are  harder  to  control. 

“You  can  follow  best  practices  on  all  of  your  virtual  machines. 
But  at  the  end  of  the  day,  you’re  putting  a  lot  of  trust  in  the  vir¬ 
tual-machine  platform  layer  itself,”  Debenedette  says.“This  layer 
—  also  called  the  hypervisor,  the  virtual  kernel  or  virtual- 
machine  monitor  —  sits  between  the  hardware  and  all  its 
device  drivers,  including  the  operating  system,  which  puts  it  in  a 
very  authoritative  position.” 

Security  watchers  have  not  confirmed  any  exploits  at  this  layer; 
but  virtual-machine-aware  malware,  such  as  RedPill.and  virtual- 
machine  rootkits,  such  as  BluePill,  are  common.  Debenedette 
rightfully  frets  about  this  new  platform  layer:  It’s  a  vector  into 
which  virtual-machine  malware  writers  are  trying  to  break, 
experts  say.  (See  graphic, “Danger  at  the  hypervisor  at  right.) 

In  this  virtual  environment,  effective  security  best  practices  are 
sorely  needed.  In  addition  to  physical  machines,  virtual 
machines  must  be  managed  and  secured.  Network  defenses 
must  be  tuned  to  watch  for  rogue  traffic  on  them. And  the  virtual- 
machine  layer  must  be  built  safely  and  defended  from  up-and- 
coming  forms  of  attackware. 

Virtual-machine  best  practices 

In  a  survey  of  707  Network  World  readers  conducted  in  June, 
36%  of  respondents  —  250  respondents  —  said  they  realize  vir¬ 
tualization  has  increased  security  risk.  Of  those,  slightly  more 
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than  half  had  deployed  firewalls  and  seg¬ 
mented  critical  networks  into  virtual  LANs, 
and  another  half  had  included  virtual- 
machine  traffic-awareness  in  their  intrusion- 
detection  sensors.  One-third  of  respondents 
seemed  to  grasp  that  the  virtualization  plat¬ 
form  layer  itself  is  vulnerable. The  others  did 
not  feel  virtual-machine  platform  vendors 
need  to  make  security  integral  to  their  prod¬ 
ucts  (see  graphic, “Virtualization, security  and 
you,”  at  right).  Clearly,  many  enterprises  are 
failing  to  apply  even  the  most  basic  security 
policies  for  protecting  their  virtual  servers. 

Topping  off  that  dangerous  misstep,  organi¬ 
zations  are  experiencing  rogue  and  unman¬ 
aged  virtual-machine  creep  —  the  very  thing 
virtualization  tries  to  relieve  in  the  hardware 
realm, say  consultants  to  Fortune  500  compa¬ 
nies.  “The  problem  is  collectively  known  as 
virtual-machine  sprawl,”  says  Anil  Desai,  con¬ 
sultant  and  author  of  The  Definitive  Guide  to 
Virtual  Platform  Management.  “If  virtual 
machines  are  built  without  IT’s  knowledge, its 
tough  even  to  know  they  exist  on  the  net¬ 
work,”  he  says. 

Consultants  report  a  widespread  problem 
at  client  sites:  “Software  developers,  intranet 
users,  even  users  on  data-center  servers  with 
too  much  privilege,  are  setting  up  virtual 
machines  [without  IT’s  knowledge]  because 
they’re  easy  to  deploy  and  help  get  certain 
jobs  done,”  Desai  says.  (Andi  Mann,  a 
research  director  at  Enterprise  Management 
Associates,  addresses  virtual-machine  sprawl 
and  other  management  challenges  in  a  new 
Network  World  Panorama  podcast.  Go  to 
www.nwdocfinder.com/ 1 23 1 .) 

Inttra’s  Debenedette  says  he  doesn’t  under¬ 
stand  this  phenomenon.  Any  organization 
worth  its  salt  should  have  locked  down  its 
data  centers  according  to  best  practices, 
which  would  make  actions  such  as  launch¬ 
ing  a  new  virtual  server  something  that 
would  trigger  alarms,  he  says.  Enforcement  of 
those  best  practices  is  what  ultimately  cuts 
down  on  scope  creep. 

Debenedette’s  team  uses  VMware’s  Virtual 
Center  management  software,  which  con¬ 
tains  an  autodiscovery  feature  that  locates 
rogue  builds.  Novell’s  ZenWorks,  Microsoft’s 
System  Center  Virtual  Machine  Manager  and 
other  virtual-machine-specific  management 
tools  also  are  available  with  discovery  fea¬ 
tures.  For  those  who  don’t  want  to  integrate 
such  tools  into  their  management  consoles, 
CA,  HPNetwork  General,  and  other  manage¬ 
ment  and  monitoring  vendors  over  the  past 
year  have  added  varying  degrees  of  virtual- 
machine-awareness  to  their  suites  (see 
“Tracking  app  performance  in  a  virtual 
world,”  page  35). 

Being  able  to  locate  virtual  machines  also 
helps  with  licensing  and  product  support, 


says  Richard  Whitehead,  a  product  director  at 
Novell.  “If  you’re  running  virtual  servers  and 
they’re  not  licensed,  they’re  not  supported,”  he 
says.  “That  means  they’re  not  patched  and 
updated. And  that  makes  them  a  security  risk.” 

Other  discovery-related  features  of  manage¬ 
ment  tools  that  help  with  security  include  ter¬ 
minating  unnecessary  virtual  machines  and 
failing  over  to  other  secure  systems  if  a  load 
balance,  infection  or  attack  makes  that  nec¬ 
essary,  Whitehead  and  others  say 

Partition  like  the  real  world 

Where  and  how  virtual  machines  fail  over 
is  important,  says  Tom  Parker,  executive  con¬ 
sultant  at  Verizon  Business.  Enterprise  IT 
executives  are  all  over  the  map  in  how  they 
set  up  their  failover  processes,  he  says. 

For  example,  failover  could  occur  from  one 
virtual  machine  to  another,  or  to  a  different 
virtual  subnet.  Or,  best  practices  might  dic¬ 
tate  that  the  failover  transfers  to  a  separate 
physical  server.  This  would  be  particularly 
important  in  the  case  of  total  system  failure. 

In  a  virtual  environment,  separation  and 
partitioning  of  systems  are  important,  not 
only  for  backup  but  also  to  create  a  DMZ.  IT 
often  overlooks  this  separation,  Parker  says. 
“What  happens  when  the  database  servers 
are  virtualized  alongside, say,  a  farm  of  virtual 
Web  servers  on  the  same  computer?  I  see  that 
all  the  time,”  he  says.  “You’re  increasing  the 
risk  that  attackers  and  malware  can  get  from 
the  Web  server  to  the  database  server? 

Best  practices  dictate  that  these  types  of 
systems  be  separated  by  a  DMZ,  which  can 


be  accomplished  virtually,  physically  or 
through  a  combination  of  virtual  and  phys¬ 
ical  elements. 

In  a  virtual  DMZ,  virtual  switches  and  fire¬ 
walls  virtually  separate  a  cluster  of  virtual 

See  Virtual  security,  page  34 

Virtualization, 
security  and  you 

In  a  recent  survey  of  707  Network  World 
readers  conducted  by  Research  Concepts, 
approximately  two-thirds  of  respondents  said 
virtualization  has  not  increased  their  security 
risk.  The  250  respondents  who  do  consider 
virtualization  an  added  security  threat  tackle 
the  problem  in  various  ways.  Here's  the 
breakdown  (multiple  answers  allowed): 

Deployed  traditional  agent-based  antispam,  antimalware 
and  antivirus  filters  on  virtual  machines 

56% 

Set  up  virtual  LANs  to  cordon  off  access  to 
virtui  machine  pools 

56% 

Working  with  intrusion-prevention,  firewall  or 
monitoring  software  designed  for  virtual  environments 

■■■■■■54% 

Pushing  virtualization  vendors  to  make  security 
integral  to  their  products 

34% 

Other 

8% 


Danger  at  the  hypervisor 


Whan  successfully  installed,  a  virtual  machine-based  rootkit  sits  beneath  the  target 
operating  system  and  applications.  The  rootkit,  which  comprises  a  host  operating  system, 
a  virtual  machine  monitor  and  malicious  services,  manipulates  the  system  boot  sequence 
so  that  it  loads  before  the  target  operating  system.  Dnce  the  rootkit  loads,  it  boots  the 
target  operating  system  using  its  virtual  machine  monitor.  The  target  operating  system 
functions  normally,  while  the  rootkit  runs  its  malicious  services  in  the  background. 


BEFORE  INFECTION 


Target  application  Target  application 

Target  operating  system 
Host  hardware 


AFTER 

INFECTION  I- 

1 

1 

Target  application  Target  application 

Malicious 

Malicious  1 

Target  operating  system 

service 

service 

Host  operating  system 


Virtual-machine  monitor 


Host  hardware 


SOURCE:  UNIVERSITY  OF  MICHI G  AN  /  MI  C  R  0  S  0  FT  RESEARCH,  WWW.NWDOCFINDER.COM/1226 
SOURCE  (TOP  HIGHT):NETW0RK  WORLD  TECHNOLOGY  OPINION  PANEL  (WWW.NWWBET0PD0G.COM) 
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.INFRASTRUCTURE  LOG 

_DAY  79:  This  is  out  of  control!  Our  IT  environment  is  rigid 
and  inflexible.  Our  business  needs  are  changing,  but  our 
environment  isn’t  built  to  change  with  them.  We  can’t  adapt. 

Oh,  no... I  was  afraid  of  this.  We’re  so  rigid  we’re  stuck  in  time. 

_Infrastructurus  prehistoricus.  I’ve  read  about  this. 

_DAY  80:  I’m  taking  back  control  with  IBM  SOA  solutions.  Now 
we  can  align  business  goals  with  our  IT.  We  have  the  hardware, 
software  and  services  we  need  to  respond  to  change.  Strategy, 
planning  and  implementation  are  in  tune  with  our  specific 
business  needs.  Now  we  can  deploy  and  update  business  processes 
faster  and  more  efficiently. 

.Goodbye,  rigid  past.  Hello,  flexible  future. 


Take  the  SOA  business  value  assessment  at: 

IBM.COM/TAKEBACKCONTROL/SOA 


i  all  of 
end  of 
rust  in 
itself.” 

]{ IT,  Inttra 
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data  center  servers  from  a  cluster  of  virtual 
Web  servers,  experts  say  This  can  get  as  elab¬ 
orate  as  you  want  —  with  virtual  firewalls 
and  switches  separating  subnets  every¬ 
where  —  as  long  as  the  virtual  network- 
devices  and  firewalls  also  are  managed 
according  to  best  practices. 

Parker,  however,  has  concluded  that  it’s  best 
also  to  separate  these  server  farms  logisti- 
cally  —  with  Web  servers  on  one  physical 
server  and  databases  on  another.  “This 
removes  the  risk  of  anything  malicious 
spreading  between  the  [virtual  machine] 
server  farms  themselves,”  he  explains. 

Lock  the  lowest  layers 

The  VMware  platform,  with  its  rights  and 
privileges  to  the  host  operating  system  and 
hardware,  makes  a  tempting  target  for  mal¬ 
ware  writers,  consultant  and  author  Desai 
says.Trom  a  technical  standpoint,  the  virtu¬ 
alization  layer  has  to  run  with  either  direct 
access  to  hardware  or  a  hardware  abstrac¬ 
tion  layer  —  meaning  it’s  running  with  a 
high  level  of  permissions  to  the  physical 
machine,”  he  says.“Any  application  with  that 
level  of  access  would  be  a  target.” 

That  makes  it  a  question  of  when  —  not  if 
—  virtual-machine-specific  malware  will  start 
jumping  between  virtual  machines, down  the 
stack  to  the  host  operating  system  or  even  to 
the  virtual-machine  monitor  layer.  Parker  and 
other  malware  researchers  say  they  have 
seen  all  these  attack  scenarios  under  devel¬ 
opment.  “They’re  looking  for  ways  to  attack 
the  sandboxes  and  virtual  machines  by  their 
kernels,”  says  John  Safa,  CTO  of  DriveSentry 
which  makes  firewalls  for  hard  drives. 

Patrick  Lin,  VMware’s  senior  director  of 
product  management,  recites  a  litany  of  tests 
and  certifications  through  which  the  com¬ 
pany  runs  its  products  to  prevent  security  fail¬ 
ures.  But  security  problems  still  come  down 
to  users  having  too  much  trust  in  the  vendor; 
that’s  why  Paul  Smith, server  security  strategist 
at  Intel,  says  he  thinks  virtual  machinery  will 
drive  authentication  to  the  chip. 

Smith  is  referring  to  the  “root  of  trust”  com¬ 
ponents  within  the  Trust  Computing  Group’s 
(TCG)  Trusted  Platform  Module  (TPM), 
which  stores  a  key  containing  the  hash  value 
of  a  system’s  approved  configuration  on  the 
chip. When  the  system  boots,  the  root  of  trust 
compares  the  hash  values  on  the  key  and 
the  chip,  and  prevents  anything  from  run¬ 
ning  if  the  chip’s  hash  has  changed. 

Specific  to  virtual  machines,  Intel  and 
Advanced  Micro  Devices  support  TPM’s  root 
of  trust,  which  checks  the  hash  of  the  virtual- 
machine  monitor,  or  hypervisor.  If  that  hash 
has  changed  and  the  system  attempts  a 


reboot,  the  root  of  trust  will  revert  to  the  orig¬ 
inal  hash  or  not  allow  the  boot.  Developers 
also  are  working  to  address  virtual  TPMs.  In 
this  way,  the  trust-certification  process  would 
extend  to  virtual  guests,  says  Larry  Russon,a 
Novell  product  manager. 

This  would  ensure  the  integrity  of  the  vir¬ 
tual-machine  platform,  as  well  as  —  by 
virtue  of  its  integrity  —  its  safety,  because 
any  malicious  or  unauthorized  changes  to 
the  platform  (and  ultimately  the  virtual 
machines  themselves)  are  not  allowed, 
Intel’s  Smith  says.  Configuration  changes 
and  patches  are  difficult  using  the  Trusted 
Computing  Group’s  model,  Russon  coun- 
ters.This  is  because  every  change  for  every 
virtual  device  in  the  trust-certification 
process  must  be  replicated  and  rehashed 
again  at  the  chip. 

Not  to  mention  that  management  calls  to 
the  chip  open  a  whole  new  layer,  some  say. 
“Flash  programming  to  the  chip  for  updates: 
Can  this  be  cracked?”  Inttra’s  Debenedette 
asks.Tll  bet  we’ll  have  to  worry  about  that  in 
the  future.” 

Radcliff  is  a  freelance  writer  in  California. 
She  can  be  reached  at  deb@radcliff.com. 


+  Best  practices  in  securing 
virtual  machines 

In  a  virtualized  New  Data  Center 
infrastructure,  every  virtual  device 
and  its  systems  ana  network 
segments  must  be  controlled  and 
managed  according  to  best  prac¬ 
tices,  experts  say.  These  practices 
should  include: 

•  Standard-gold  builds,  security,  and  ver¬ 
sion  and  patch  management  controls  for 
every  application  running  on  every  virtual 
machine  and  every  virtual-machine  type. 

•  Policy  enforced  by  virtual  firewalls,  anti- 
malware  and  virtual  device  management 

•  Appropriate  logical  and  physical  separa¬ 
tion  of  virtual-machine  types,-  for  example, 
virtual  Web  servers  should  he  separate 
from  virtual  database  servers. 

•  A  network  intrusion-detection  system  or 
monitoring  finely  tuned  to  rogue  or  mali¬ 
cious  virtual-machine  traffic. 

-  Deb  Radcliff 
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TRACKING  APP  PERFORMANCE  IN  A 

VIRTUAL  WORLD  [  BY  PETER  SEVCIK  AND  REBECCA  WETZEL  | 

Addressing  the  challenge  takes  new  tools  that  combine  specialized  server 
management  and  traffic-flow  know-how,  NetForecast  analysts  say 


IT  managers  migrate  virtual  servers  from  pilot  to  production  envi¬ 
ronments,  they  measure  their  success  by  application  performance. 
In  other  words,  applications  must  perform  as  well  in  their  new 
virtual  habitat  as  they  did  in  their  previous  physical  one.  As  IT  man¬ 
agers  gain  confidence  in  their  ability  to  assure  application  per¬ 
formance,  they’ll  move  virtual  servers  more  quickly  from  pilot  to 
bona  fide  production  —  a  migration  rate  BMC  Software  pegs  at 
20%  today  To  gain  that  all-important  confidence,  IT  managers 
need  a  good,  comprehensive  set  of  management  tools. 


The  good  news  is  that  tools  are  available  to 
manage  application  performance  in  a  virtual 
world.  The  less  welcome,  but  not  surprising, 
news  is  that  today’s  tools  provide  glimpses  of 
insight,  but  IT  managers  are  left  to  assemble 
the  big  picture  themselves.  Here  we  analyze 
the  problem  and  the  solutions. 

The  problem  of  complexity 

Virtualization  poses  unique  application- 
performance  management  challenges.  Chief 
among  them  is  that  virtualization  adds  com¬ 
plexity  to  an  already  complex  problem.  Rich 
Fomin, a  BMC  product  manager, describes  the 
issue  in  this  way:  “You  add  another  layer  of 
abstraction.  You  have  things  like  resource 
pools  and  clusters  that  make  things  more 
complex  to  troubleshoot.  It  is  now  more  diffi¬ 
cult  to  find  a  performance  problem.” 

Consider  this  the  “fog  of  virtualization,”  says 
A1  Fink,  vice  president  of  corporate  develop¬ 
ment  for  NetScout  Systems.“The  folks  respon¬ 
sible  for  delivering  services  have  less  visibility 
into  performance  than  before.  IT  groups  tell 
us  they  must  rely  on  a  break/fix  approach, 
and  they  are  worried  about  falling  back  into 
being  more  reactive  —  responding  to  per¬ 
formance  issues  brought  to  their  attention  by 
end  users.  [In  a  virtual  environment]  per¬ 
formance-problem  identification,  correction 
and  prevention  are  more  difficult  to  achieve.” 

Mutualization  creates  a  Rubik’s  Cube  of 
complexity,  not  only  by  adding  new  IT  silos 
but  also  by  layering  complexity  onto  existing 
silos  (see  “Virtual  complexity”  page  38). 

- nww.com 

VIRTUALIZATION  PODCAST 

Start-up  Trigence  believes  virtualizing  applications  can 
do  away  with  the  application-performance  manage¬ 
ment  challenge.  Listen  in  as  CEO  David  Roth  explains 
how.  www.nwdocfinder.com/1222 


Virtualization  adds  new  IT  silos,  because  each 
software  application  runs  on  a  virtual  ma¬ 
chine  that  is  part  of  a  resource  pool  managed 
by  the  virtual  management  system  (VMware, 
for  example).  Existing  silos  are  made  more 
complex  for  these  reasons: 

•  Virtual  machines  operate  within  a  physical 
host,  which  can  have  multiple  identities 
because  it  can  contain  many  virtual  machines. 

•  Hosts  are  known  by  IP  addresses  and  are 
members  of  subnets  or  virtual  LANs. 

•  Load-balancers  shift  user  traffic  among 
virtual  machines,  hosts  and  subnets,  depend¬ 
ing  on  their  use. 

•  Users  are  authorized  and  screened  by 
authentication  systems,  intrusion-detection 
systems  and  firewalls. 

•  Users  arrive  at  the  data  center  across  a 
variety  of  access  networks. 

With  limitless  permutations  possible  within 
even  a  single  enterprise,  management-tool 
vendors  face  a  daunting  problem:  A  compre¬ 
hensive  view  through  the  fog  of  virtualization 
requires  mapping  what  is  going  on  in  multi¬ 
ple  ways. Various  functions  within  IT  manage¬ 
ment  need  to  map  how  and  where  an  appli¬ 
cation  is  operating,  or  how  and  from  where  a 
user  is  arriving.  Some  need  to  cross-map  the 
two  information  sets  to  make  sure  a  user  gets 
the  appropriate  service  from  a  specific 
instance  of  a  running  application. 

Management-tool  vendors  are  approaching 
the  problem  from  two  perspectives:  the  silo 
approach  and  the  traffic-flow  approach. 

Silo-centric  tools 

Silo-centric  application-performance  man¬ 
agement  tools  are  available  from  BMC,  CA 
and  Compuware.  Such  tools  focus  on  avail¬ 


ability  and  capacity  and  tend  to  be  tradi¬ 
tional  server-management  tools  that  have 
been  enhanced  to  manage  virtualized  assets. 

For  example,  BMC’s  Performance  Manager 
for  Virtual  Servers  provides  real-time  monitor¬ 
ing  for  virtualized  environments,  and  gener¬ 
ates  events  when  critical  availability  and  per¬ 
formance  thresholds  are  exceeded.  After  dis¬ 
covering  all  virtual  machines,  the  tool  maps 
them  to  their  physical  hosts,  BMC’s  Fomin 
says.“You  can  see  that  this  virtual  machine  is 
associated  with  that  host,  and  you  can  see 
that  it’s  part  of  this  resource  pool.You  look  at 
a  resource-pool  or  cluster  point  of  view,  and 
from  each  layer  you  can  see  what’s  happen¬ 
ing  from  a  capacity  point  of  view?’  he  says. 

CAs  Introscope  Web-application  perform¬ 
ance-monitoring  tool  tracks  the  performance 
of  Web  applications  in  virtual  server  environ¬ 
ments.  “Introscope  monitors  different  tiers, 
including  VMware,  to  get  the  transaction  per¬ 
spective,  and  to  get  metrics  that  show  the 
health  of  each  tier’’  says  Mark  Donsky,  a  CA 
product  manager.  “It  can  see  spikes  in  per¬ 
formance  as  well  as  bottlenecks  that  show,  for 
example,  that  usage  is  spiking  and  it’s  time  to 
reconfigure  the  machine.” 

Compuware’s  Vantage  pulls  in  the  metrics 
provided  by  virtual  machines  and  correlates 
these  metrics  with  user-experience  data  gath¬ 
ered  using  active  agents  running  synthetic 
transactions.  The  correlation  between  the 

See  App  performance,  page  38 
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.INFRASTRUCTURE  LOG 

_DAY  82:  There  are  so  many  risks  out  there.  So  many  things 
that  can  happen  to  our  business:  natural  disasters,  spikes 
in  traffic,  mergers.  How  do  we  prepare?  One  in  three 
companies  don’t  recover  from  unplanned  downtime.1  Would  we? 

_Gil  has  wrapped  everything  in  the  office  with  bubble  wrap. 
Everything.  Just  to  be  safe. 

_DAY  83:  Im  preparing  with  IBM  Business  Resilience  Solutions. 
IBM  Business  Continuity  Services  can  help  us  assess  our  risks 
and  design  a  proactive  plan  to  deal  with  them.  IBM  Tivoli  gives  us 
the  visibility  to  diagnose  and  fix  infrastructure  problems. 

And  the  robust  availability  features  of  the  IBM  System  p™  give 
us  maximum  uptime.  The  future  feels  so  much  safer  now. 

_No  more  bubble  wrap.  And  I  have  to  mail  a  package.  Great. 


Take  the  business  continuity  assessment  at: 

IBM.COM/TAKEBAGKCONTROL/READY 


App  performance 

continued  from  page  35 

simulated  user  experience  and  data  from  vir¬ 
tual  machines  (combined  with  information 
from  traditional  IT  silos)  helps  IT  managers 
ferret  out  performance  problems  quickly 

Traffic-flow-centric  tools 

Traffic-flow-centric  tools  that  address  vir¬ 
tualization  are  generally  newer  to  the 
scene.  In  May  for  example,  Network 
General  released  the  Virtualization  Fo¬ 
rensics  enhancement  to  its  NetVigil  prod¬ 
uct,  and  WildPackets  announced  its  Omni 
Virtual  Network  Service.  Both  products 
explicitly  address  the  end-to-end  applica¬ 
tion  performance  issues  posed  by  server 
virtualization. 

Network  General’s  Virtualization  Forensics 
tool  gathers  flow-based  performance  data 
specific  to  virtual  machines  from  VMware 
and  Microsoft,  and  provides  a  high-level 
perspective  of  what’s  going  on  with  applica¬ 
tion  performance.This  helps  solve  the  prob¬ 
lem  users  have  of  receiving  too  much 
detailed  information  without  correlation. 

“A  VMware  management  tool  tells  you 
about  server  performance,  but  it  won’t  tell 
you  about  database  or  router  performance. 
The  router  vendor  only  tells  you  about  the 
router,  and  none  of  the  available  tools  can 
talk  to  each  other  or  [determine  perform¬ 
ance  information  for  other  types  of 
devices].  Unless  you  can  see  into  this  con¬ 
cert,  you  don’t  have  a  good  idea  of  what’s 
going  on,” says  James  Messer,  technical  mar¬ 
keting  manager  for  Network  General. 
“[Virtualization  Forensics]  gathers  data 
from  any  discipline,  including  the  network 
and  the  virtual  servers  running  on  top  of  the 
network,  from  a  database  or  Web  perspec¬ 


tive,  and  . . .  tells  you  how  all  the  pieces  are 
working  together,”  he  says. 

Solvay  Pharmaceuticals  in  Marietta,  Ga.,  is 
a  typical  Virtualization  Forensics  customer. 
The  company  uses  it  to  monitor  virtual 
machine  activity  on  VMware  ESX  servers, 
and  to  identify  IT  service  performance 
issues  and  drill  down  into  application  flow 
details.  (Bruce  McMillan,  Solvay’s  manager 
of  emerging  technologies,  discusses 
the  strategy  in  a  podcast  at  www.nw 
docfinder.com/1221.) 

WildPackets,  with  its  newly  released  Omni 
Virtual  Network  Service,  goes  a  step  further 
than  Network  General.  It  tackles  this  thorny 
problem:  Traffic  moving  among  virtual 
machines  within  a  single  server  never  tra¬ 
verses  the  network  —  thus,  data  once  visi¬ 
ble  in  a  physical  world  becomes  invisible 
to  traditional,  traffic-flow-based  tools.  The 
Omni  Virtual  Network  Service  tool  essen¬ 
tially  extends  capabilities  like  those  of 
Network  General’s  Sniffer  into  a  virtual 
server,  letting  IT  managers  see  otherwise 
invisible  intra-server  traffic.  John  Bennett, 
WildPackets’  marketing  vice  president, 
draws  this  comparison:  “Just  getting  stats  is 
like  knowing  that  your  car  engine  needs 
servicing  but  having  no  idea  if  what  needs 
fixing  is  the  fuel  pump,  the  battery  or  the 
crankshaft.” 

NetScout  also  expects  to  release  flow-based 
capabilities  by  year-end,  the  company  says. 

Coming  together 

While  current  offerings  are  a  good  start,  bet¬ 
ter  tools  are  forthcoming  for  managing  appli¬ 
cation  performance  in  a  virtual  world. 
Particularly  pressing  is  the  need  for  products 
that  integrate  silo-based  and  traffic-flow- 
based  views.  The  user-to-application  flow 
threads  through  an  increasingly  confusing 


jungle  of  options  and  variables.  Monitoring 
silo  health  must  be  coupled  with  discovering 
flows,  identifying  all  the  resources  that  sup¬ 
port  them  and  reporting  on  their  end-to-end 
performance.  Compuware  is  starting  down 
that  path  with  its  ability  to  run  synthetic  trans¬ 
actions,  and  we  expect  CA  to  move  in  that 
direction  by  integrating  its  Wiley  traffic-flow- 
based  capabilities  with  its  Introscope  Web 
application-performance  monitoring  tool. 

Vendors  tout  the  need  for  a  holistic 
approach,  but  thus  far  their  solutions  are  far 
from  this  lofty  goal.  Building  that  compre¬ 
hensive  tool  won’t  be  easy  —  or  quick, 
admits  Tom  Bishop,  CTO  for  BMC.“Mapping 
the  logical  to  the  virtual  needs  to  become 
fluid.  The  notion  of  a  virtual  LAN  needs  to 
change  to  become  a  holistic  system  that  can 
be  managed  in  concert.To  get  there,  we  will 
have  to  go  through  a  lot  of  pain,”  he  says. 
“We’ll  go  through  several  iterations. The  first 
step  will  be  a  set  of  largely  proprietary  tools 
that  can  work  together. Then  tools  will  begin 
to  interoperate  across  vendors  and  inter¬ 
faces. Then  in  the  distant  future,  say  in  10  to 
15  years,  we’ll  have  a  holistic  solution  that  is 
fast,  cheap  and  interoperable.” 

Truly  effective  application-performance 
management  for  virtual  environments  will 
arrive  when  silo-  and  traffic-flow-centric  ven¬ 
dors  cooperate  to  deliver  the  big  picture. 
Discussions  are  underway  and  we  should  see 
a  spate  of  announcements  once  customers 
demand  the  big  picture.  Let’s  hope  it  doesn’t 
take  too  long. 

Sevcik,  president  of  NetForecast  and  an 
authority  on  application  performance,  can  be 
reached  at  peter@netforecast.com.  Wetzel,  an 
associate  at  NetForecast  and  president  of 
Wetzel  Consulting,  can  be  reached  at  rebec 
ca@netforecast.  com. 


Virtual 

complexity 

Within  the  data  center, 
virtualization  adds  layers  - 
or  silos  -  that  need 
discovery,  management  and 
diagnosis.  Managing 
application  performance  is 
even  more  challenging 
because  traffic  can  flow 
through  the  many  alterna¬ 
tives  within  each  silo.  Silo 
management  aims  to  keep 
devices  in  a  column 
operating  well,  while 
traffic-flow  management 
focuses  on  keeping  all  the 
devices  supporting  a  user 
operating  well. 


Single-user  traffic  flow  Flaw  processing  point 


Operating  system 


Operating  system 


Servers 


Resource  V  Virtual  Applications 
pools  machines 
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New  software  silos 
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ADP  CTO:  TAKE  THE  SLOW  ROAD 
TO  VIRTUALIZATION 


BY  SANDHA  GITTLEN 


This  IT  exec  worries  about  rushing  into  virtualization  before  understanding 
all  the  ramifications.  That's  why  he's  first  automating  change  management. 


. .  [First  1]  get  a  handle 
on  the  physical  machines: 
Hi  then  we  can  start  using 
virtualization  to  add 
|fc  to  our  resources." 

Brandy  terbush  cto. 

Jpbtamatic  Data  Processing 


andy  Terbush  has  a  twofold  mission  for  his  next-generation, 
on-demand  IT  infrastructure:  to  tighten  software  delivery 
cycles  and  to  introduce  more  automation.This  savvy  and  vet¬ 
eran  CTO  at  Automatic  Data  Processing,  a  $7  billion  business- 
transaction-processing  firm,  knows  virtualization  holds  the 
key“In  order  to  get  to  our  utility  computing  vision,  we  need  to 
virtualize  the  hardware  across  the  board  —  for  storage,  the 
network  and  the  CPU,”  he  says.  But  before  Terbush  unleashes 
a  complex  virtual  environment,  he  hopes  automated  change- 
management  tools  will  help  him  simplify  his  physical  one. 


“A  lot  of  organizations  have  charged  down 
the  path  to  deploy  virtualization,  but  they 
haven’t  given  the  same  effort  to  how  they’re 
going  to  manage  it  all,”  says  Terbush,  who  is 
also  vice  president  of  enterprise  technology 
architecture  at  ADP“The  way  I  approach  the 
problem  is  to  first  get  a  handle  on  the  physi¬ 
cal  machines;  then  we  can  start  using  virtual¬ 
ization  to  add  to  our  resources.” 

Churn  control 

ADPin  Roseland,N.J.,  manages  payroll,  ben¬ 
efits,  human  resources  and  other  mission-crit¬ 
ical  transactions  for  more  than  570,000  clients 
worldwide.“We’re  always  developing  the  next 
version  of  our  software  offerings,”  he  says. 

With  so  much  churn,  keeping  software 
development  cycles  to  a  minimum  is  impera¬ 
tive, Terbush  says.  In  the  past,  this  proved  diffi¬ 
cult,  because  the  testing  process  was  tedious 
and  error-prone.  Developers  would  create  pro¬ 
ducts,  then  “toss  them  over  the  wall”  to  quality 
assurance  with  notes  on  how  to  recreate  the 
test  environment.  Quality  assurance  would 
then  do  the  same  to  the  staging  team  and  so 
on  down  the  line  to  production,  he  says. 

Inevitably  there  were  missteps  along  the 
way  and  developers  would  have  to  backtrack 
to  detect  and  debug  changes.  This  backtrack¬ 
ing  was  a  huge  time-waster  and  a  drain  on 
resources,  Terbush  says,  adding  that  the 
process  introduced  unacceptable  compli¬ 
ance  risks,  too.Tassword  files  and  registry  set¬ 
tings  were  getting  changed  unbeknownst  to 
the  developers,”  he  says. 

Although  Terbush  is  eager  to  roll  out  virtu¬ 
alization  to  make  it  easier  to  replicate  the 
environment  between  testing  phases,  more 


important  is  preparing  for 
the  added  complexity  that 
comes  with  putting  several 
virtual  containers  on  the 
same  box,  he  says.  So,  he’s 
taken  what  he  calls  a  significant  interim  step. 

Over  the  past  few  years,  Terbush  has  rolled 
out  BladeLogic’s  Operations  Manager  to  auto¬ 
mate  change  management.  This  multi¬ 
pronged  tool,  which  manages  configurations, 
compliance  and  provisioning,  eliminates  the 
need  for  testers  to  follow  ad-hoc  instructions. 
Instead,  the  automation  package,  which  com¬ 
prises  an  application  server  and  agents  that 
sit  on  client  machines,  lets  developers  pro¬ 
vide  uniform  guidelines  for  recreating  the  test 
environment.  As  each  team  goes  through  its 
testing,  the  software  packages  and  stores  con¬ 
figuration  changes  into  a  repository 

To  ensure  compliance,  IT  assigns  roles  to 
each  testing  team  and  controls  access  via 
permissions. “We  use  the  reporting  feature  to 
make  sure  machines  are  not  changing  and 
that  stuff  is  not  sneaking  onto  them,”  he  says. 

Operations  Manager  also  supports  version 
control.  Now  when  changes  are  made,  all  test¬ 
ing  teams  receive  an  alert  and  don’t  have  to 
detect  and  debug  later.“We’ve  cut  the  amount 
of  time  it  takes  to  deploy  an  application  into 
production  by  a  factor  of  four’’ he  says. 

Rolling  out  automated  change  manage¬ 
ment  was  relatively  easy,  Terbush  says.  Con¬ 
vincing  the  entire  testing  team  that 
automation  was  a  positive  step  was  a  bit 
more  challenging,  however. “Training  is  crit¬ 
ical.  People  have  to  understand  the  ulti¬ 
mate  vision  of  what  we’re  trying  to  do  and 
what  it  means  for  them.  It’s  a  culture 


change,  and  we  have  to  help  them  under¬ 
stand  the  role  of  these  new  tools,”  he  says. 

Futurescape 

All  this  calculated  legwork  is  leading  up  to 
the  widespread  deployment  of  virtualization. 
In  a  test  environment,  ADP  is  using  operating 
system  containers,  as  well  as  network  and 
storage  virtualization, Terbush  says.“We  . .  .are 
moving  more  and  more  to  the  production 
data  center  as  we  get  a  better  handle  on  the 
management  challenges  that  virtualization 
presents,”  he  says. 

To  that  end,  he  adds,  his  team  is  working 
with  BladeLogic’s  new  Virtualization  Man¬ 
ager.  With  change  management  in  place  in 
the  virtual  environment,  the  team  can  control 
everything  from  the  provisioning  of  virtual 
servers  to  specific  configurations  from  a  sin¬ 
gle  console.  But  he  has  bigger  plans  than  just 
policing  server  use. 

“Once  we  get  past  knowing  the  machines 
are  configured  correctly  we  can  move  on  to 
the  data-center  intelligence  piece,”  Terbush 
says.  For  instance,  he  hopes  to  be  able  to  tell 
whether  an  application  with  a  transient  load 
maxing  out  once  a  week  would  be  better 
served  by  adding  virtual  containers.  “1  can’t 
say  automation  will  take  away  the  complexity, 
but  it  certainly  will  help  us  manage  it.” 

Gittlen  is  a  freelance  writer  near  Boston.  She 
can  be  reached  at  sgittlen@charter.net. 
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Information  Management 


.INFRASTRUCTURE  LOG 

_DAY  69:  All  we  need  is  one  specific  piece  of  info.  Gil 
almost  had  it,  but  his  hand  cramped.  How  are  we  supposed 
to  find  trusted  business  info  when  these  massive  volumes 
of  disparate,  conflicting  information  keep  pouring  in? 

_Gil  just  grabbed  a  stuffed  panda. 

_DAY  71:  The  answer:  IBM  solutions  for  leveraging  information. 
Now  we  can  cleanse  info  and  standardize  source  data  fields 
for  consistency  and  accuracy.  I  can  create  a  single, 
comprehensive  and  accurate  record  of  info  across  our  source 
systems.  Finally,  I  can  provide  a  unified,  trusted  view  of 
our  information  so  everyone  can  make  better  decisions. 

_0ur  view  of  our  data  is  now  scalable.  Just  in  time  —  I  think 
we  ran  out  of  quarters. 


Download  the  Innovation  and  Competitive  Advantage  white  paper: 

IBM.COM/TAKEBACKCONTROL/ACCURATE 


10  VIRTUALIZATION  COMPANIES 
TO  WATCH 


BY  JQ ANNE  CUMMINGS 


These  technology  innovators 
promise  products  that  boost  performance,  make  management  easier  or 
otherwise  enhance  your  virtualization  experience 


verybody  knows  virtualization  isn’t  just  about  VMware  anymore. 

Many  users  are  past  the  rush  to  server  virtualization  and  now  need  to  increase 
the  benefits  of  the  move.  They  need  not  only  to  improve  efficiency  perform¬ 
ance  and  management,  but  also  to  find  ways  to  extend  the  technology  to  their 
desktop,  storage  and  mobile  environments.  That’s  a  heavy  burden.  Product 
choices  can  be  overwhelming,  and  a  starting  point  difficult  to  find.  Get  on  your 
way  with  promising  products  from  these  10  companies. 


_ 

attune 

3LEAFSYSTEMS 

3Leaf  Systems 

Founded:  June  2004 

Headquarters:  Santa  Clara,  Calif. 

What  does  the  company  offer?  The  V-8000 
Virtual  I/O  Server  appliance,  which  virtual¬ 
izes  I/O  subsystems  for  large  pools  of 
servers,  bringing  mainframe-class  avail¬ 
ability  and  resiliency  to  x86  commodity 
systems. 

Why  is  it  worth  watching?  I/O  bottle¬ 
necks  are  a  key  pain-point  in  large,  virtual¬ 
ized  server  environments.  “It’s  definitely  a 
problem  to  scale  up  lots  of  virtual  ma¬ 
chines  on  a  cluster  and  not  be  able  to 
scale  up  the  I/O  at  the  same  time.  3Leaf  is 
addressing  this,”  says  John  Abbott,  chief 
analyst  at  the  451  Group. 

How  did  the  company  get  its  start?  3Leaf 
was  founded  to  solve  such  problems  as  the 
low  reliability  and  resiliency  of  I/O 
spawned  by  virtualization. 

How  did  the  company  get  its  name? 
Founder  Bob  Quinn  e-mailed  company 
supporters  for  their  naming  ideas.  Clover 
Systems  (playing  off  the  idea  of  a  sham¬ 
rock  and  Quinn’s  Irish  heritage)  was  one 
name  suggested,  and  it  morphed  into 
3Leaf  Systems. 

Management:  Quinn,  who  is  CEO,  also 
founded  and  held  executive  positions  with 
Network  Virtual  Systems  and  iMODL. 

Funding:  $32.5  million  in  two  rounds, 
from  Alloy  Ventures,  Enterprise  Partners, 
Intel  Capital  and  Storm  Ventures. 

Who's  using  the  product?  Sawis,  as  well 
as  several  financial  institutions  and  a  num¬ 
ber  of  Fortune  100  companies. 


Attune  Systems 

Founded:  December  2003 

Headquarters:  Santa  Clara,  Calif. 

What  does  the  company  offer?  Maestro  File 
Manager,  a  file-virtualization  appliance  that 
discovers,  analyzes,  manages  and  optimizes 
heterogeneous  file-storage  resources.  It  han¬ 
dles  nondisruptive  data  migration,  server 
retirement,  data  consolidation,  tiering  and 
global  namespace  across  Windows  file 
servers  and  network-attached  storage. 

Why  is  it  worth  watching?  “Basically  it  virtu¬ 
alizes  the  file  server  to  the  user”  says  Zak 
Khalil,  MIS  manager  at  Lessard  Group,  an 
architecture  firm  in  Vienna,  Va.  “It  runs  with 
any  existing  storage. . . .  It’s  very  easy  to  imple¬ 
ment,  and  it  works.” 

How  did  the  company  get  its  start?  Attune 
was  founded  in  response  to  the  explosive 
growth  of  unstructured  file  data  and  the  need 
to  manage  such  data  better. 

How  did  the  company  get  its  name?  The 
founders  wanted  a  name  that  conveyed  a 
sense  of  control  and  alignment  among 
unstructured  data  and  storage  resources. 

Management:  CEO  Alan  Kessler  held  the 
same  position  at  Intransa  and  before  that  was 
COO  at  Palm. 

Funding:  Approximately  $40  million,  from 
Alloy  Ventures,  GF  Private  Equity  Group, 
Quicksilver  Ventures,  Rock  Creek  Capital,  RWI 
Ventures,  Shea  Ventures  and  Shoreline  Ven¬ 
ture  Management. 

Who's  using  the  product?  Bluesocket, 
Central  Florida  YMCA,  Granite  Telecom¬ 
munications,  Interwoven,  Insulet  and  Les¬ 
sard  Group. 


InovaWave 

Founded:  March  2006 

Headquarters:  Austin, Texas 

What  does  the  company  offer?  DXtreme, 
optimization  software  that  aims  to  improve 
the  performance  of  virtual  machines  by  re¬ 
ducing  disk  I/O  bottlenecks. 

Why  is  it  worth  watching?  Databases  and 
other  applications  with  heavy  I/O  require¬ 
ments  are  the  most  difficult  to  virtualize  — 
and  Microsoft,  VMware  and  others  haven’t 
come  up  yet  with  a  good  solution.  Inova¬ 
Wave  offers  one  today  for  companies  that 
need  the  highest  performance  in  a  virtual 
machine,  says  Chris  Voce,  analyst  at  Forrester 
Research. 

How  did  the  company  get  its  start?  Foun¬ 
ders  set  out  to  ease  the  mobility  of  virtual 
machines  but  in  the  process  discovered 
how  to  increase  virtual-machine  perform¬ 
ance  by  optimizing  disk  I/O. They  launched 
InovaWave  to  pursue  both  technologies. 

How  did  the  company  get  its  name?  The 
name  represents  “waves  of  innovation.” 

Management:  CEO  Chris  Ostertag  was  vice 
president  of  worldwide  sales  and  field  oper¬ 
ations  for  Credant  Technologies.  Before  that, 

See  10  companies,  page  44 
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Server  Consolidation  On-Demand  Hardware  Migration 


Data  center  relocation  used  to  mean  physically  shipping  servers  to  the  new  location  and  rebuilding  them  from  scratch.  Together,  PlateSpin 
PowerConvert  and  PowerRecon  provide  a  powerful  workload  portability  solution  with  the  flexibility  to  plan,  configure,  optimize  and  relocate  your 
data  center  by  streaming  server  workloads  over  the  network  with  a  simple  drag-and-drop.  PowerRecon  makes  it  easy  to  analyze  and  plan  effective 
data  center  relocations  that  take  into  account  the  way  workloads  use  server  resources  in  the  network.  PowerConvert's  anywhere-to-anywhere 
workload  portability  allows  organizations  to  rapidly  implement  the  plan  by  streaming  workloads  across  different  infrastructures  and  hardware 
platforms:  physical-to-physical,  physical-to-virtual,  image-to-physical  and  so  on. 


Download  PowerConvert  and  PowerRecon  today  at  www.platespin.com/lugging 
or  call  1  877  528  3774  to  learn  more  about  our  data  center  relocation  solutions. 


PLATE  3F=»ll\r 


©  2007  PlateSpin  Ltd.  All  rights  reserved.  PlateSpin  and  the  PlateSpin  logo  are  registered  trademarks  of  PlateSpin  Ltd  PlateSpin  conversion  and  optimization  technology  and  related  products  are  patent  pending.  Doc  090  -  August  2007 


10  companies 

continued  from  page  42 

he  led  Suns  technical  sales  force. 

Funding:  $9.2  million  in  two  rounds,  from 
Matrix  Partners  and  Silverton  Partners. 

Who's  using  the  product?  Borland  Soft¬ 
ware,  Canyon  Partners,  IBM’s  Rational  divi¬ 
sion,  Novell,  NovusEdge,  Prolify,  SDL  Inter¬ 
national,  SourceForge  and  Vignette. 


INSYSTEK 

Incorporated 


Insystek 

Founded:  April  1999 

Headquarters:  Topeka,  Kan. 

What  does  the  company  offer?  Virtualize 
IT,  a  management  software  suite  that  lets 
users  of  Microsoft,  VMware  and  Xen- 
Source  virtualization  products  discover 
and  map  virtual  environments,  create  vir¬ 
tual  machines,  track  and  manage  physical 
and  virtual  relationships,  and  automate 
the  life  cycle  of  a  large  number  of  virtual 
servers  and  desktops. 

Why  is  it  worth  watching?  Few  enterprise 
server  environments  are  virtualized  fully, 
and  that  means  most  IT  executives  are 
faced  with  managing  virtual  and  physical 
servers.  Virtual  IT  lets  users  manage  both 
from  a  single  console,  easing  overall  ad¬ 
ministration  and  cutting  costs. 

How  did  the  company  get  its  start?  The 
founders  saw  a  need  to  help  desktop  and 
server  administrators  better  manage  their 
environments  in  a  secure,  scalable  manner. 

How  did  the  company  get  its  name?  The 
company  started  as  a  privately  owned 
consulting  service,  Information  System 
Technologies.  “Insystek”  is  a  take  on  the 
old  name. 

Management:  Alex  Turner,  CEO,  has  spent 
18  years  in  the  IT  industry. 

Funding:  Private,  in  the  low  millions. 

Who's  using  the  product?  Virtualize  IT 
products  are  expected  to  be  available  this 
month. 


>;"kidaro 

■ 


Kidaro 

Founded: July  2005 
Location:  New  York  City 

What  does  the  company  offer?  Managed 
Workspace,  software  for  deploying,  manag¬ 


ing  and  securing  virtual  desktops  —  espe¬ 
cially  mobile  virtual  desktops  —  across  an 
enterprise,  from  a  single,  policy-based 
management  console. 

Why  is  it  worth  watching?  “Kidaro 
pushes  the  right  buttons  when  it  comes  to 
desktop  virtualization,”  says  Andi  Mann, 
senior  analyst  at  Enterprise  Management 
Associates.  Managed  Workspace  is  secure 
and  seamless,  and  provides  centrally 
managed,  policy-based  control  that  pro¬ 
vides  for  employee  mobility  and  keeps 
corporate  data  secure  at  the  same  time, 
he  adds. 

How  did  the  company  get  its  start? 

Founders  had  in  mind  the  idea  of  using 
virtualization  to  improve  the  manageabil¬ 
ity  and  security  of  enterprise  desktop 
computing. 

How  did  the  company  get  its  name?  It’s 
from  the  Kidarite  kingdom  in  India,  whose 
founder  overthrew  the  Kushan  Empire  in 
the  fourth  century  AD. 

Management:  Kevin  Brown,  CEO,  had 
been  an  executive  with  Decru;  after  that 
company’s  acquisition  by  Network 
Appliance,  he  served  on  NetApp’s  informa¬ 
tion  governance  board. 

Funding:  $14  million,  from  Genesis 
Partners,  Opus  Capital  Ventures  and  Storm 
Ventures. 

Who's  using  the  product?  Managed 
Workspace  is  available  but  is  in  enterprise 
pilot  tests. 


MARATHON 


Marathon 

Technologies 

Founded:  January  1993 

Headquarters:  Littleton,  Mass. 

What  does  the  company  offer?  EverRun 
high-availability/fault-tolerance  software, 
which  integrates  with  XenSource’s  XenEn- 
terprise  software  and  runs  on  a  two-node 
network  of  Windows  machines.  It  keeps 
the  machines  in  lock  step  so  that  if  a  com¬ 
ponent  or  software  fails  on  one,  the  other 
keeps  running,  eliminating  downtime. 

Why  is  it  worth  watching?  “Going  for¬ 
ward,  we  see  high  availability  and  disaster 
recovery  for  business  resiliency  as  key  rea¬ 
sons  why  organizations  will  deploy  virtual¬ 
ization  software,”  says  John  Humphreys,  an 
IDC  program  director.  “There  is  huge  mar¬ 
ket  appeal  for  technology  . . .  that  addresses 
both  planned  and  unplanned  downtime 
in  virtual  environments.” 

How  did  the  company  get  its  start?  The 


founders,  who  had  developed  Digital 
Equipment’s  VAX  FT  fault-tolerant  systems, 
created  technology  that  lets  multiple  Win- 
tel  servers  operate  as  a  single  fault- 
tolerant  system.  In  2003,  the  company 
implemented  its  technology  in  software. 

How  did  the  company  got  its  name? 
“Marathon”  was  chosen  because  it  con¬ 
veys  the  idea  of  running  with  endurance 
and  resiliency. 

Management:  CEO  Gary  Phillips  has 
more  than  20  years  of  experience  in  senior 
management  for  high-technology  firms,  in¬ 
cluding  Avaki  (now  Sybase),  Bowstreet 
(now  IBM),  BroadVision,  BBN  Techno¬ 
logies,  NCR  and  Wang  Laboratories. 

Funding:  $26  million  in  four  rounds,  from 
Atlas  Venture,  Longworth  Capital,  Presidio 
STX  and  Sierra  Ventures. 

Who's  using  the  product?  MAN  Nutzfahr- 
zeuge  Group  and  Wellcome  Trust,  as  well 
as  pharmaceutical  manufacturers  and  tel¬ 
evision  networks. 


ft  PROVISION 

m  J  NETWORKS 


Provision  Networks 

Founded:  March  2004 

Headquarters:  Reston.Va. 

What  does  the  company  offer?  Virtual 

Access  Suite  (VAS)  hosted  desktop  and 
presentation  virtualization  infrastructure. 
Compatible  with  virtualization  software 
from  Microsoft,  SWsoft,  Virtual  Iron,  VM¬ 
ware  and  XenSource,VAS  consolidates  vir¬ 
tual  application  delivery  and  desktop  de¬ 
ployment  from  those  companies’  virtual 
machines,  as  well  as  blade  PCs  and  Pro¬ 
vision’s  own  terminal  servers. 

Why  is  it  worth  watching?  VAS  improves 
management  and  security  while  keeping 
costs  in  check,  users  say.  “We  needed  the 
ability  to  scale  our  business  without 
increasing  desktop  support  costs,”  says 
Gary  Parkinson,  IT  director  with  Isaac 
Agnew,  a  U.K.  automobile  retailer.  “With 
over  600  network  PCs  across  17  retail  loca¬ 
tions,  we  needed  to  deploy  new  applica¬ 
tions  quickly,  securely  and  efficiently  to  a 
standard  desktop,  regain  control  of  those 
desktops,  and  turn  them  into  simple,  task- 
based  tools.  Provision  helped  make  the 
deployment  and  control  a  much  easier 
experience.” 

How  did  the  company  get  its  start?  Spun 
off  from  Emergent  OnLine,  one  of  Citrix 
Systems’  largest  partners. 

How  did  tho  company  get  its  name?  The 

See  10  companies,  page  46 
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Line  up  network  problems. 


You've  got  an  eyewitness. 

Is  it  a  network,  application,  or  security  problem?  Find  out  instantly  with  the 
Network  Instruments®  GigaStor™  appliance.  No  other  analysis  device  can 
quickly  isolate  the  issue  to  provide  valuable  retrospective  analysis  and  security 
forensics.  Every  transaction  is  recorded,  making  it  easy  to  go  back  in  time  to 
determine  not  only  when  the  anomaly  took  place,  but  why. 

Resolve  intermittent  problems,  track  compliance,  isolate  VoIP  quality 
issues,  identify  zero-day  attacks  and  more  on  WAN,  Gigabit  and  10  GbE 
networks.  Reduce  network  complexity  with  the  GigaStor.  Because  when  it 
comes  to  your  network,  everything  is  a  suspect. 

|®  GigaStor:  Get  proof.  Take  action.  Move  forward. 


NETWORK* 

IKSTRIMENTS 


Learn  more  about  GigaStor.  800-526-5958 
www.Networklnstruments.com/eyewitness 


©  2007  Network  Instruments,  LLC.  All  rights  reserved.  GigaStor,  Network  Instruments,  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 
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founders  wanted  a  name  that  suggests 
desktop  and  application  provisioning. 

Management:  Co-founder  and  CEO  Peter 
Ghostine  also  founded  Emergent  Online, 
and  had  been  vice  president  of  interna¬ 
tional  sales  and  operations  forV-One  (now 
AEP  Networks). 

Funding:  $6  million  in  private  funding. 

Who's  using  the  product?  Aflac,  Brightstar, 
Computer  Sciences  Corp.,  Dole  Foods, 
Hitachi,  Investools,  U.S.  Department  of  Vet¬ 
erans  Affairs  and  Xerox. 


A 

SCALENT 


Sealant  Systems 

Founded:  January  2003 

Headquarters:  Palo  Alto,  Calif. 

What  does  the  company  offer?  Scalent 
makes  server-repurposing  software.  Its  Vir¬ 
tual  Operating  Environment  (V/OE)  pro¬ 
vides  data-center  infrastructure  virtualiza¬ 
tion  (aka  physical  machine,  network  and 
storage  movement),  easing  disaster  recov¬ 
ery,  test  automation  and  on-demand  com¬ 
puting  requirements.  The  V/OE  product 
works  with  the  A1X,  Linux,  Solaris, 
Windows, VMware  ESX  and  Xen  operating 
systems. 

Why  is  it  worth  watching?  When  company 
servers  —  even  virtual  machines  —  move, 
their  connectivity  needs  to  move  with 
them,  and  that’s  something  most  vendors  of 
virtual  servers  don’t  address.  V/OE  ad¬ 
dresses  the  physical  side,  remotely  turning 
on  machines  and  ensuring  they  have  the 
right  network  address,  storage  access  and 
operating  system  or  hypervisor  booting. 

How  did  the  company  get  its  start?  The 
founders  noticed  the  problems  caused  by 
manually  shifting  machines,  cables,  and 
network-  and  storage-access  architectures 
whenever  testing,  disaster  recovery  or 
other  changes  are  made. 

How  did  the  company  get  its  name?  Seal- 
ability  is  the  challenge  the  company  set 
out  to  solve,  hence  the  name  Scalent. 

Management:  Benjamin  Linder,  CEO,  was 
previously  with  Openwave  Systems  and 
Oracle. 

Funding:  $37  million  in  three  rounds, 
from  Credit  Suisse,  Hummer-Winblad, 
JK&B  Capital  and  Pequot  Ventures. 

Who's  using  the  product?  Ameriquest, 
Blackboard,  Carilion  Health  System  and 
Wachovia. 
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ToutVirtual 


Founded:  January  2005 

Location:  Carlsbad,  Calif. 

What  does  the  company  offer?  The  Virtual  IQ 
suite,  for  managing  heterogeneous  virtual- 
computing  infrastructures. 

Why  is  it  worth  watching?  As  virtualized  ser¬ 
vers  proliferate,  they  become  increasingly  dif¬ 
ficult  to  manage.  “Where  the  complications 
happen  are  with  management,  the  staff  im¬ 
pact  and  the  process  changes  that  take 
place,”  says  Stephen  Elliot,  an  IDC  director. 
“There’s  definitely  an  addressable  need  that 
[ToutVirtual]  is  trying  to  fill.” 

How  did  the  company  get  its  start?  Tout- 
Virtual’s  founders,  who  worked  together  at 
eCritical,  CACI  International  and  Sniffer 
Technologies  (now  Network  General),  recog¬ 
nized  the  need  for  a  virtualization  automa¬ 
tion  and  management  tool  that  could  work 
in  any  IT  environment. 

How  did  the  company  get  its  name?  Named 
to  suggest  “everything”  virtual,  from  “tout,”  the 
French  word  for  “everything;”  founders  also 
liked  that  “tout”  has  applicable  meanings  in 
English  and  French,  the  two  languages  of 
worldwide  diplomacy 

Management:  President  Jess  Marinez  shares 
the  helm  with  Vipul  Pabari,  CTO,  and  Bakul 
Mehta,  chief  strategy  officer. 

Finding:  Privately  held,  but  seeking  addi¬ 
tional  funding. 

Who's  using  the  product?  Aetna,  Bristol- 
Myers  Squibb,  Canon,  Century  One,  Ernest  & 
Young,  HPIntel,  Starbucks  and  UBS. 


XDS 

Founded:  September  2001 

Headquarters:  Durham,  N.C. 

What  does  the  company  offer?  SIMtone 


Virtual  Desktop  Utility  (VDU),  an  appli¬ 
ance  that  delivers  Windows  desktops  to 
employees  as  an  on-demand,  scalable 
service,  across  enterprise  networks  or  the 
Internet.  It  delivers  desktop  environments 
and  applications  to  PCs,  thin  clients, 
mobile  phones,  set-top  boxes  and  PDAs. 

Why  is  it  worth  watching?  Once  users 
get  past  server  virtualization,  they  look  to 
desktop  virtualization  to  reduce  support 
costs  for  remote  users  and  increase  secu¬ 
rity.  XDS  focuses  on  performance  and 
delivers  a  dial-tone-like  service  that  pro¬ 
vides  on-demand  virtual  desktop  sessions 
with  an  experience  similar  to  a  PC  or  lap¬ 
top  that  is  reportedly  high  security  and 
low  cost. 

How  did  the  company  get  its  start?  Mario 
Dal  Canto,  the  founding  investor  and  cur¬ 
rent  chairman  and  CEO,  brought  the  origi¬ 
nal  technology  team  together. 

How  did  the  company  get  its  name? 
While  in  a  cigar  bar,  co-founder  and 
President  Gerry  Dube  saw  a  cigar  adapter 
for  car  cigarette  lighters.  From  that  prod¬ 
uct  —  called  X-tension  —  he  came  up 
with  the  idea  of  Xtend  Digital  Services, 
which  became  XDS. 

Management:  Dal  Canto  had  been  CEO 
at  both  Cybertel  and  Impres,  a  venture 
firm  he  started  with  Bob  Sackman,  found¬ 
ing  Sun  chairman. 

Funding:  An  undisclosed  amount  in  one 
round,  from  Kodiak  Venture  Partners  and 
Motorola  Ventures. 

Who's  using  the  product?  SIMtone  VDU  is 

in  enterprise  pilot  tests. 


Companies  at  a  glance 

The  10  companies  to  waten  target 
these  enterprise  pain-points: 

Desktop  management: 

Kidaro,  Provision  Networks,  XDS 

1/0  processing  bottlenecks: 

3LeaJ  Systems,  InovaWave 

Unwieldy  file  storage: 

Attune  Systems 

Virtual  server  management: 

Insystek,  Scalent  Systems,  ToutVirtual 

Disaster  recovery: 

Marathon  Technologies 
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VIRTUALIZATION  ACROSS  THE  LAYERS 

Virtualization  technology  comes  into  play  throughout  the  IT  infrastructure.  This  slide 
show  provides  conceptual  models  lor  operating  system,  server  and  live  other  types  of 
virtualization,  www.nwdocfinder.com/ 1229 

NETWORK  COMPANIES  TO  WATCH:  THE  BIG  LIST 

Take  a  look  at  the  companies  we've  singled  out  as  worth  watching  over  the  last  year  or  so. 
They  range  from  those  providing  tools  for  automating  your  data  center  to  those  building 
enterprise  wireless  networks.  www.nwdocfinder.com/123Q 


DATA  CENTERS 

Resources  to  help  users  better  support  data  centers 


DATA  CENTER  CHALLENGES  (%  indicating  "Very  Challenging"  or  "Challenging") 


53%  Troubleshooting  software  problems 


39% 


50% 

Maintaining  disparate  applications 

43% 

Issuing  software  patches 

34% 

48% 

Ensuring  adequate  performance 
and  availability 

30% 

41% 

Safeguarding  the  data  center  from 
physical  disaster 

28% 

23% 

40% 

Scaling  the  environment  up  and  down  for 
demand  peaks  and  valleys 

23% 

Having  enough  physical  space  in  the 
data  center 


Adequately  cooling  equipment 

Understanding  the  interdependence  of 
data  center  equipment 

Dealing  with  power  outages 


Troubleshooting  hardware  problems 


Keeping  track  of  the  equipment  in  the 
data  center 


Today's  challenges  of  supporting  a 
data  center  include  virtual  server 
sprawl,  ongoing  migration  to  blade 
servers,  mounting  cooling  demands,  a 
never  ending  need  for  more  power,  the 
rising  costs  of  energy  and  more. 

Network  World  can  help  you  alleviate 
these  challenges  with  a  collection  of 
resources  that  offer  concrete  suggestions 
and  plans  of  action. 
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Welcome  to 
Network  World's 
Perspectives  Editorial 
Webcast 


Virtue!  Server  Management 


Five  Strategies  for  Cutting  Data 
Center  Energy  Costs  Through 
Enhanced  Cooling  Efficiency 

See  how  to  optimize  your  data  center 
efficiency  through  virtualization,  digital 
system  controls  and  emerging  ^ 
monitoring  capabilities. 


EMERSON. 

Network  Power 


Network  World  Editorial  Webcast: 
Virtual  Server  Management 
-Weighing  the  Options 

Virtual  server  sprawl  is  a  byproduct  of  virtual¬ 
ization.  Discover  new  tools  designed  to  help 
alleviate  the  management  issues  involved. 

V  Gateway, 


Go  to: 

www.networkworld.com/DataCenterResearch 

for  all  data  center  research. 


NETWORKWORLD 


Best  Practices  to  Control  Your 
Data  Center 

Read  about  solutions  that  help  IT  shops  better 
support  remote  data  center  maintenance  with 
this  in-depth 
whitepaper. 


Avocent 
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Enabling  Technologies  for  Power 
and  Cooling 

Learn  about  technologies  that  let  IT  executives 
measure,  control  and  optimize  their 
use  of  power  and  cooling  WllW 

resources  in  this  whitepaper.  fl wEM 


As  vendors  tap  into  hardware  assists  from  Intel 
ustomers  see  more  options  and  lower 


Brian  Gammage  pulls  no  punches  when  he  assesses  the 
importance  of  hardware-assisted  virtualization:  “This  is  the 
most  significant  architectural  change  we’ve  seen  in  the  x86 
processor  in  25  years,”  says  Gammage,  Gartner’s  lead  analyst 
on  PC  virtualization.  Even  Intel  and  Advanced  Micro 
Devices  haven’t  explained  adequately  how  significantly  the 
technology  affects  server  virtualization,  he  adds. 


Server  virtualization  is  a  watershed  IT 
technology  because  it  lets  a  single  physi¬ 
cal  computer  run  multiple  operating  sys¬ 
tems,  vastly  increasing  rates  of  CPU  use. 
But  server  virtualization  also  is  a  highly 
complex  process,  and  over  the  years 
many  vendors’  attempts  to  create  good 
virtual-machine  software  have  been 
stymied.  VMware,  however,  figured  out 
how  to  build  a  binary  translator  that  scans 
the  privilege  instructions  processors  issue 
to  operating  systems  and  rewrites  the 
ones  that  can’t  be  virtualized. 

EssentiallyVMware’s  early  virtualization 
software  tricked  the  operating  system, 
Gammage  says.  Earlier  processors  con¬ 
tain  four  privilege  levels,  which  create 
security  boundaries  —  they’re  like  one¬ 
way  doors,  he  says.  A  process  running  in 
Ring  1  had  to  ask  Ring  0  for  permission 
to  access  objects  to  which  Ring  1  nor¬ 
mally  wouldn’t  have  access.  Under  this 
Setup,  virtualization  software  “fools”  an 
operating  system  into  thinking  it’s  run¬ 
ning  at  Ring  0  - — the  most  privileged  ring 
—  when  it’s  really  not. 

Hardware-assisted  virtualization  chan¬ 


ges  all  this  by  doubling  the  number  of  a 
processor’s  privilege  levels.  If  the  chip 
has  a  greater  number  of  privilege 
levels,  modifying  the  operating  system 
becomes  unnecessary  Gammage  says. 

Embedded  routines 

Supporting  virtualization  at  the  chip 
level  greatly  reduces  the  amount  of  vir¬ 
tual-machine  code  needed,  in  part 
because  routine  operations  now  are 
handled  in  hardware.  As  XenSource 
CTO  Simon  Crosby  says,  “The  more 
features  in  the  hardware,  the  more 
code  we  can  throw  away?’ 

Indeed,  hardware-assisted  virtu¬ 
alization  gives  second-tier  virtu¬ 
alization  vendors  an  opportun¬ 
ity  to  catch  up  to  VMware, 
which  established  a  clear  lead 
over  competitors  by  develop¬ 
ing  workarounds  to  many 
hardware  limitations,  says 
Frank  Gillett,  an  analyst  with 
Forrester  Research.  XenSource, 
which  sells  products  related  to 
the  Xen  open  source  hypervisor, 


is  among  VMware  competitors  benefit¬ 
ing  from  hardware-assisted  virtualiza¬ 
tion,  as  is  Virtual  Iron. 

PreviouslyVirtual  Iron  supported  Linux 
because  it  could  be  rewritten  to  its 
purposes,  says  Alex  Vasilevsky  the  com¬ 
pany’s  CTO.  Now,  without  the  need  for 
modifications,  it  can  support  Windows, 
too,  he  says. 

Virtual  Iron  now  runs  12  to  15  virtual 
machines  per  processor,  and  future  en¬ 
hancements  to  hardware  and  software 
will  expand  that  number.  Planned 
improvements  from  Intel  and  AMD 
will  raise  the  number  of  cores  in  mul¬ 
ticore  CPUs,  and  add  input/output 
memory-management-unit  virtualiza¬ 
tion,  which  maps  virtual  addresses  to 
physical  addresses.  “The  goal  is  run- 
See  Virtual  chips,  page  50 
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i  “We  re  definitely  considering  Xen  on  just 
about  every  new  rollout  of  hardware. 


-  ROBERT  WICKS,  senior  AIX/Lintix  systems  administrator,  Rollins 


BOB  MAHONEY 


ESCAPE  THE  SERVER  ROOM. 

With  tools  that  give  you  remote  management 
capabilities,  the  HP  ProLiant  DL360  G5  server, 
powered  by  the  Quad-Core  Intel®  Xeon® 
Processor,  lets  you  manage  your  systems  from 
almost  anywhere.  Now  you  have  the  freedom 
to  spend  less  time  in  the  server  room  and  more 
time  on  the  tasks  that  drive  the  business. 


HP  PROLIANT  DL360  G5 


$3699  (Save  $1426) 

Lease  for  as  low  as  $94/month2 

Check  hp.com  for  the  most  up-to-date  pricing 

I  mm m  ow  470064-382) 

I  ■  2  Quad-Core  Intel®  Xeon®  Processors 
!  ■  2GB  FBD  PC2-5300  memory 

•  Supports  small  form  factor,  high-performance  SAS  or 
low-cost  SATA  hard  drive 

•  Smart  Array  P400i  controller 
Get  More: 

■  24x7, 4  hour  response,  3  years,  PN:  UE892E,  $375 
■Add  2GB  of  additional  memory,  PN:  39741 1-S21,  $509 


HP  STORAGEWORKS  ULTRIUM 
448  TAPE  DRIVE1 


$1749  (PN:  DW028B) 

Lease  for  as  low  as  $44/ month2 

■  400GB  compressed  capacity 
in  half-height  form  factor 

■  Ships  with  Data  Protector  Express  Software, 
One  Button  Disaster  Recovery,  and  a  1U 
Rackmount  Kit 


To  learn  more  about  the  HP  ProLiant  server  family, 
click  hp.com/go/DL360mag5 
call  1-888-685-9648 
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1 .  A  HP  SC1 1  Xe  Host  Bus  Adapter  ($209)  is  a  required  option  needed  to  connect  the  Ultrium  448  solution  to  the  DL360  G5  server.  Prices  shown  are  HP  Direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are 
subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient's  address.  Offers  cannot  be  combined  with  any  other  offer  or  discount  and  are  good  while  supplies  last.  All  featured  offers 
available  in  U.S.  only.  Savings  based  on  HP  published  list  price  of  configure-to-order  equivalent  ($51 25  -  $1 426  instant  savings=  SmartBuy  price  $3699).  2.  Financing  available  through  Hewlett-Packard  Financial  Seivices 
Company  (HPFS)  to  qualified  commercial  customers  in  the  US  and  subject  to  credit  approval  and  execution  of  standard  HPFS  documentation.  Prices  shown  are  based  on  a  lease  48  months  in  term  with  a  fair  market  value 
purchase  option  at  the  end  of  the  term.  Rates  based  on  an  original  transaction  size  between  $3,000  and  $25,000.  Other  rates  apply  for  other  terms  and  transaction  sizes.  Financing  available  on  transactions  greater  than 
$349  through  June  30, 2007.  HPFS  reserves  the  right  to  change  or  cancel  these  programs  at  any  time  without  notice.  Intel,  the  Intel  Logo,  Xeon  and  Xeon  Inside  are  trademarks  of  Intel  Corporation  in  the  U.S.  and  other 
countries.  ©  2007  Hewlett-Packard  Development  Company,  L.P.The  information  contained  herein  is  subject  to  change  without  notice. 


Real  time. 
Real  intellige 
Real  control 


Wish  you  had  lower  network  infrastructure 
costs?  More  management  control? 
Enhanced  network  administration? 
Not  to  mention  greater  productivity, 
better  security,  and  cost-effective  service 
provisioning  and  network  monitoring? 


Now  you  can  with  the 
SYSTIMAX®  iPatch®  System— 
a  proven  time-saving,  efficiency-raising 

solution  for  real-time  infrastructure  To  !eam  how  rea,_t  ime  infrastructure 

management. 

t  management  can  benefit  your  business, 
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Are  you  ready  to  take  control?  visit 


SYST1MAX 

SOLUTIONS 
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DATA  CENTER 


Virtual  chips 

continued  from  page  48 


ning  50  or  60  virtual  machines  on  one  CPU 
processor, ’’Vasilevsky  says. 

As  for  VMware,  Gillett  says,  the  vendor  “will 
be  able  to  take  code  out,  and  performance 
will  increase.” 


Changes  afoot 

With  hypervisors  easier  to  build,  customers 
have  more  options.  Robert  Wicks,  senior 
AIX/Linux  systems  administrator  at  Rollins, an 
Atlanta-based  pest  control  company,  speaks 
to  that  fact  firsthand.  VMware’s  ESX  Server 
was  the  only  real  choice  for  Windows  virtual¬ 
ization  before  hardware  assists  became  avail¬ 
able,  Wicks  says,  noting  that  in  2003  Rollins 
bought  a  VMware  license  for  one  server  that 
cost  about  $5,000.  But  now  Rollins  uses 
XenSource  virtualization  on  Intel  VT-enabled 
processors  for  $99  per  server,  and  may  move 
to  the  more  robust  enterprise  edition  for  $750 
per  server,  Wicks  says.  With  25  XenSource 
licenses,  the  business  is  expanding  its  use  of 
virtualization  rapidly  Rollins  no  longer  uses 
the  original,  fee-based  VMware  license,  but 
does  use  a  free  version  with  fewer  functions. 
XenSource  has  “allowed  us  to  spin  up  some 
new  environments  very  quickly  We’re  defi¬ 
nitely  considering  Xen  on  just  about  every 
new  rollout  of  hardware,”  Wicks  says. 

Jim  Ni,  Microsoft  group  product  manager 
for  Windows  Server  marketing,  points  to  the 
free  version  of  Virtual  Server,  which  already 
takes  advantage  of  hardware  assists  from  Intel 
and  AMD,  and  touts  the  impact  hardware- 
assisted  virtualization  is  having  on  security 
“You  get  significantly  greater  security  and  iso¬ 
lation  across  each  virtual  machine,  so  each 
machine  actually  is  its  own  entity  has  its  own 
IP  address,  own  [media  access  control] 
address,  even,”  he  says. 

Of  course,  the  new  Intel  and  AMD  technol¬ 
ogy  is  not  without  its  detractors.  Computer 
security  researcher  Joanna  Rutkowska  says 
chip-level  virtualization  is  “very  immature  as 
of  todajf  and  offers  no  practical  and  effective 
means  of  preventing  and  detecting  attacks 
from  malware  that  uses  the  vendors’  hard¬ 
ware-assisted  virtualization  technology  to 
take  control  of  an  operating  system.The  hard¬ 
ware  upgrades  Intel  and  AMD  plan  to  imple¬ 
ment  by  next  year,  however, should  provide  a 
workable  solution  to  this  problem,  she  adds. 

Indeed,  Intel  has  a  five-year  development 
plan  in  place,  says  Steve  Grobman,  director 
of  Intel’s  business-client  architecture.  “It’s 
not  going  to  be  something  that  just  ends.”  ■ 
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Replicating  Selected 
Virtual  Machines 
Just  Got  Easy  &  Affordable 

esxReplicator  from  Vizioncore  Inc. 
lets  users  of  the  VMware  platform 
select  specific  VMs  and  replicate  them 
to  remote  locations,  creating  an 
effective,  practical  and  affordable 
DR/BC  strategy  for  any  size  business. 


vizioncore 

Enhancing  VMware®  Infrastructure 


Visit  www.vizioncore.com 
for  more  information 


Introducing  the 
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www.networkTAPs.com 
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Efficiently  aggregate  full-duplex  data  into 
your  analysis  or  security  device. 

•  Supports  10/100/1000 

•  Stream  into  two  different  devices 

•  Rack  mount  up  to  three  across 

•  Supports  all  commercial  analysis  systems 

•  Also  works  with  open-source  tools 

Learn  more.  Visit  www.networkTAPs.com. 
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Buffer  options: 

256  MB . 

512  MB . 


$1,495 
.  $1,995 


■ 


Choose  from  a  variety  of  configurations,  options,  and  pricing.  Plus  a 
complete  line  of  copper  and  optical  nTAPs  for  fuli-duplex  analyzer  systems. 
Free  overnight  delivery* 

www.networkTAPs.com  •  1  -866-GET-nTAP 
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v  v  '  *Free  overnight  delivery  on  all  U^.  orders  over  S295  confirmed  before  12  p.m.  Central  Time. 

©  2007  Networic  Instruments,  LLC.  irTAP  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  U.C 


The  southeast  leading  provider  of  cabling  solutions  and 
rapid  deployment  for  Voice,  Data  and  Video  communication 


Phone:  866-904-4080 
www.comdesigninc.com 


•  Specialists  in  Data  center  cabling 

•  Fiber  optic  and  copper  cabling 

•  Installation  and  design  services 

•  Avaya  IP  telephone  systems 

•  Wireless  network  deployment 

•  Multi-site  rollouts  through  out  the  southeast 

See  us  at  Data  Center  World  -  Booth  437 
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NOW. 


RELAX.  YOU’RE  IN  CONTROL 

Manage  remote  offices  from  wherever  you  are. 
Secure  your  Data  Center.  No  software  licensing  fees 


State  of  the  art  security 

Dependable,  Powerful,  Secure,  Guaranteed 

24/7  Mission  Critical  Reliability 
Industry  Best  Video 
USB,  PS/2,  Serial  Support 


::  UltraLink1 


Digital  KVM  IP  s,ns'e’ Dua'- Quad  Ma<iel5 


Digital  KVM  IP 
Switches 

Swtch  &  control  1,000s 
of  computers  &  network 
devices  over  IP 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 


Multi-platform 
KVM  switches 

Switch  &  control  1,000s  of 
computers  and  network 
devices 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 


KVM  Extenders 

Extends  keyboard,  video, 
and  mouse  signals  up  to 
33,000  feet 

Ffcer,  CATx 
DVI,  VGA,  High  Res. 
PS/2,  USB,  Sun 
Audio,  Serial 


KVM  Rack  Drawers  Panel  Mount  LCD 


The  most  efficient  way  to 
organize  your  server  room. 

1U  or  2U,  VGA,  DVI 
15”,  17",  19’  or  20" 
PS/2,  USB,  or  Sun 
Touchpad  or  Trackball 


S\. 


Mount*  vertically  In  a 
standard  19"  rack. 


15*,  17*,  19*,  20’,  or  23* 

VGA,  DVI,  S-Video 
Optional  Touchscreen 
a  Optional  Built-in  KVM  Extenders 


281  933  7673 
+49^0)5226-9820930 
+6S  6324  2322 
+617  3388  1540 


www.rose.com 

281  933  7673  800  333  9343 

ROSE  ELECTONICS  10707  STANCUFF  ROAD  -  HOUSTON,  TEXAS  77099 
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OpTier 


Putting  first  things  first 


Power  your  grid  server 
with  cross-tier 
transaction  visibility 

CoreFirst™  from  OpTier™  manages  business 
transactions  from  start  to  finish:  pre-,  post-  and 
inside  the  grid. 


Minimize  problem  resolution 
times  by  isolating  specific 
business  transaction/user  issues 
(such  as  trade/trader)  with 
complete  transaction  visibility 
through  grid  engines  in  real  time. 


Assure  your  grid  is  optimally 
configured  to  your  business  needs 

OpTier's  Business  Transaction 
Management™  automatically  maps, 
tracks  and  monitors  all  business 
transactions  running  on  the  grid. 


Understand  your  grid 
utilization  from  a  business 
perspective 

With  OpTier  you  can  manage  grid 
utilization  based  on  real  business 
transaction  data. 


For  more  information,  visit  www.optier.com/networkworld/Aug2007  or  email  us  at  info@optier.com. 
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THE  NEW  DATA  CENTER 


BY  JOHN  FONTANA 


VIRTUAL  MICROSOFT 

Critics  repeatedly  have  beaten  up  Microsoft  over  its  virtualization  plans. 
But  Mike  Neil,  this  technology's  chief,  stands  up  to  the  punches. 


ike  Neil,  Microsoft’s  general  manager  of  virtualization,  is  on  the  big 
stage  with  a  hot  technology  The  lights  are  on  him  as  he  prepares  for 
next  year’s  delivery  of  Windows  Server  Virtualization,  which  first  was  a 
feature  and  now  is  an  add-on  to  Windows  Server  2008.  Neil,  who 
joined  Microsoft  four  years  ago  as  part  of  the  Connectix  acquisition, 
recently  talked  with  Network  World  Senior  Editor  John  Fontana  about 
critics,  competition,  licensing  and  feature  delays. 


The  prevailing  belief  among  observers  is 
that  Microsoft  is  way  behind  VMware.  What 
do  you  say  to  the  WSV-bashers? 

At  a  high  level,  1  disagree.  Server  virtualiza¬ 
tion  is  still  a  developing  market  and  technol¬ 
ogy  Since,  to  a  great  degree,  the  utilization  of 
virtualization  has  been  in  relatively  confined 
areas,  typically  in  large  enterprises  or  infra¬ 
structure  products  like  [VMwares]  ESX 
Server,  Microsoft  will  be  able  to  have  a  much 
broader  approach  and  make  virtualization 
available  to  a  wider  swath  of  the  industry. 

Are  you  on  track  for  a  mid-2008  release  of 
WSV?  A  lot  of  people  are  casting  doubts  after 
your  spring  road-map  adjustments. 

We  made  the  adjustments  —  the  deferral  of 
some  of  the  features  —  so  we  could  maintain 
our  schedule  and  provide  the  technology 
with  high  quality  on  the  timeline  that  we 
articulated:  Windows  Server  2008  plus  180 
days.  [The  server  is  set  to  ship  Feb.  27, 2008.] 

Will  the  delayed  WSV  features  be  delivered 
in  some  fashion  before  the  next  release,  which 
could  be  as  many  as  four  years  away,  given 
the  server  operating  system  release  cycle? 

Windows  Server  Virtualization  is  coming 
out  off  the  [server]  cycle,  and  while  we  do 
plan  to  follow  up  with  the  deferred  features  in 
subsequent  releases  of  the  [operating  sys¬ 
tem]  ,  we  have  not  talked  about  specific  tim¬ 
ing.  We  are  hoping  to  sync  up  with  the  cycle. 

Sync  with  the  Windows  Server  R2  release, 
slated  for  late  2009,  or  the  next  major  server 
release,  in  201 1? 

Our  goal  is  to  follow  up  with  those  features 
as  quickly  as  possible. 

Critics  say  the  delay  of  the  Live  Migration 
feature,  which  would  provide  the  ability  to 
migrate  while  virtual  machines  are  running, 
is  a  big  setback  for  Microsoft  as  it  tries  com¬ 
peting  against  VMware.  What's  your  take? 

I  dispute  it  to  some  degree.  From  a  compet¬ 


itive  standpoint, it  is  a  sexy  feature  and  sounds 
really  exciting.  But,  of  the  Microsoft  customers 
using  VMware  or  other  virtualization  technol¬ 
ogy,  few  are  actually  utilizing  that  type  of  func¬ 
tionality  It  is  a  relatively  sophisticated  piece  of 
technology  to  set  up.  The  capabilities  we  do 
have  and  are  shipping  —  our  ability  to  cluster 
virtual  machines  and  the  ability  to  migrate 
quickly  —  will  meet  most 
customers’  needs. 


Some  predict  the  demise 
of  Virtual  Server  and  Vir¬ 
tual  PC,  your  current  server 
and  desktop  virtualization  products.  Are  those 
two  in  active  development  or  static  mode, 
especially  in  light  of  the  delays  in  delivering 
updates  to  Virtual  Server? 

We  released  Virtual  PC  2007,  which  has  Vista 
support  as  both  a  host  and  guest,  in  February 
We  released  Virtual  Server  [2005]  R2  SP1  in 
June. We  continue  to  develop  on  both, and  we 
are  actually  growing  the  teams  that  are  devel¬ 
oping  those  products. 

Competitors  have  questioned  Microsoft's 
licensing  as  it  relates  to  moving  virtual  ma¬ 
chines  among  different  computers.  What  con¬ 
straints  will  users  face  on  how  and  when 
they  can  move  virtual  machines? 

We  made  changes  to  Windows  Server 
licensing  specifically  to  address  moving  vir¬ 
tual  machines.  With  our  instance-based 
licensing,  we  have  moved  from  the  installa¬ 
tion  of  the  operating  systems  being  the 
defining  event  when  a  license  is  consumed, 
to  when  you  instantiate  an  image  of  an  oper¬ 
ating  system.  And  so  from  a  license  perspec¬ 
tive,  we  want  the  customer  to  understand  the 
licensing  is  in  the  utilization  when  they  run 
our  software.They  can  move  those  instances 
between  any  two  licensed  devices  as  much 
as  they  want. 

The  criticism  some  folks  have  had  is  they 
don’t  feel  there  should  be  two  licenses 
involved  in  that  case.  In  reality,  customers  say 


they  have  licensed 
Windows  for  their  sys¬ 
tems  and  they  just  want 
the  ability  to  move 
around  the  images  and  the  instances.  Cus¬ 
tomers  who  want  the  ultimate  in  flexibility 
can  use  our  Datacenter  licensing,  which 
allows  them  to  run  an  unlimited  number  of 
virtual  machines. 

Application  virtualization  is  part  of  your 
overall  virtualization  strategy,  so  why  do  you 
only  offer  it  to  customers  with  Software 
Assurance  contracts? 

The  basic  business  model  we  are  using  for 
application  virtualization  technology  is  to 
provide  it  as  part  of  the  value-add  you  get 
with  Software  Assurance.  It  provides  those 
customers  —  who  are  typically  our  largest 
customers  and  typically  deploying  that  kind 
of  technology  —  with  a  way  to  gain  that  value 
over  time  as  opposed  to  licensing  it  perpetu¬ 
ally  for  each  one  of  their  machines. 

What  role  does  security  play  in  this  virtual¬ 
ization  environment? 

That  is  an  interesting  problem.  Today,  with 
the  architectures  we  have,  the  hypervisor  level 
of  the  software  is  being  targeted  by  more  and 
more  of  the  malicious  software  industry  You 
can  see  that  by  looking  at  the  security 
updates  that  VMware  has  had.  Microsoft  has 
shown  we  have  been  responsive  to  the  secu¬ 
rity  threats  out  there  and  put  in  place  the 
processes  to  make  our  products  secure  and 
react  to  any  security  issues.  ■ 


08  20  07  |  wwwnetworkworld.com/supp/2007/ndc5/ 

53 


Start  with  the  right  rack, 
and  you  can't  go  wrong. 


Get  the  seamlessly  integrated,  fully  compatible 
NetShelter^  rack  system  from  APC®. 

APC,  the  name  you  trust  for  power  protection,  also 
offers  a  comprehensive  line  of  non-proprietary  racks, 
rack  accessories  and  management  tools  that  ensure 
the  highest  availability  in  a  multi-vendor  environment. 
With  APC  racks,  accessories,  and  management  tools, 
you  can  design  a  comprehensive  rack  solution  that 
meets  your  availability  needs  for  today  and  that 
easily  scales  up  for  tomorrow. 

Need  assistance?  Our  expert  Configure-to-Order 
Team  can  custom  tailor  a  complete  rack-mount 
solution  that  suits  your  specific  requirements. 


Contact  APC  today  and  protect  your  rack  application 


with  Legendary  Reliability® 


The  NetShelter®  SX  is 
vendor  neutral  and  carries 
the  "Fits  Like  a  Glove" 
compatibility  guarantee. 


HP/COMPAQ  •  SUN  •  IBM 

10] 


DELL -CISCO -LUCENT 


P  =  Power  C  =  Cooling  R  as  Racks 


NetShelter  is  completely 
compatible  with  all  APC  * 
award-winning  InfraStruXure® 
architecture,  allowing  you  to 
add  rack,  power  and  cooling 
on  a  scalable  as-needed  basis. 


NetShelter0  SX  starts  at  $1150 
Hack  enclosures  with  advanced  cooling,  power  distribution, 
and  cable  management  for  server  and  networking 
applications  In  IT  environments. 

•Integrated  rear  cable  management  channels  allow  easy 
routing,  management  and  access  to  large  numbers  of 
data  cables. 

•3000  lbs.  weight  capacity. 

•  Vendor  neutral  mounting  for  guaranteed  compatibility. 

•  Too  1 1  ess  mounting  increases  speed  of  deployment. 

Rack  PDU  starts  at  $89.99 
Power  distribution  that  remotely  controls  power 
to  individual  outlets  and  monitors  the  aggregate 
power  consumption. 

•Switched,  metered,  and  basic  models  available. 

•Includes  horizontal,  vertical,  and  toolless  mount. 

•Puts  power  in  the  racks  near  the  equipment  where 
it  is  needed  most. 

•  Wide  range  of  input  and  output  connections  from 
single-phase  to  3-phase. 

Cable  Management  starts  at  $29.99 
Comprehensive  selection  of  accessories  designed 
to  organize  power  or  data  cables  within  a 
rack  environment. 

•Eliminates  clutter  and  cable  stress. 

•Zero  U  of  rack  space  with  the  vertical  cable  organizer. 
•Quick-release  tabs,  toolless  mounting. 

Rack-mount  Keyboard  Monitor  starts  at  $1550 
1U  rack-mountable  integrated  keyboard,  monitor  and  mouse. 

•  15"  or  17"  ultra-thin,  LCD  monitor  with 
integrated  keyboard. 

•Ease  of  installation  minimizes  support  and 
maintenance  costs  ensuring  lower  cost  of  ownership. 

•Can  be  used  in  a  variety  of  IT  environments  from 
computer  rooms  to  large  data  centers. 

Rack  Air  Removal  Unit  SX  starts  at  $2600 
Hear-door  fan  system  for  performance  heat  removal  up  to  23kW 

•  Temperature  controlled,  variable  speed  fans  allow  reduced 
energy  consumption  during  off-peak  cooling  periods. 

•  Ducted  exhaust  system  increases  air  conditioning  efficiency 
and  prevents  hot  spots  by  eliminating  recirculation. 

•  Manageable  via  Web,  SNMP,  Telnet  and  local  LCD  display. 

NetBotz®  Security  and  Environmental 

starts  at  $889 

Protecting  IT  assets  from  physical  threats. 

•  Visual  monitoring  of  all  activities  in  the  data  center 
or  wiring  closet. 

•  Third-party  monitoring  via  dry-contacts,  SNMP,  IPMI, 

0-5V and 4-20mA. 

•User-configurable  alarm  and  escalation  policies. 

•  Temperature,  humidity,  and  leak  detection. 


Download  Free  Rack  White  Papers 

For  full  details,  Visit  www.apc.com/promo  Key  Code  x24  lx 
•  Call  888.289.APCC  x9161  •  Fax  401.788.2797 


Legendary  Reliability® 


©2007  American  Power  Conversion  Corporation.  All  rights  reserved.  NetBotz,  NetShelter  and  InfraStruXure  are  registered  trademarks  of  American  Power  Conversion  Corporation.  Other  trademarks  are  property  of  their  respective  owners. 

132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  AX4A6BF_NAMf 


When  it  comes  to  Remote  Network 
Management,  no  one  has  more 
remote  access  tools  than  Western 
Telematic!  Our  products  offer  the 
design  flexibility  you  need  to  mix 
and  match  equipment  for  small  or 
large  scale  remote  management 
strategies.  WTI  products  are 
installed  in  thousands  of  network 
sites  worldwide. 

✓  In-House  Design  &  Manufacturing 

✓  We  Stock  for  Same  Day  Shipment 

✓  Five  Year  Warranty 

✓  Free  Online  Demos 


Secure  Console  Managers  Remote  Power  Switches 


•  SSHv2  Encryption 

■  8, 16,  or  32  DB9  Ports 

•  LDAR  RADIUS,  TACACS+ 

■  Internal  Modem 

•  SNMP  Monitoring 

■  Non-Connect  Port  Buffering 

■  SYSLOG  Messages 


■  Web  Browser,  Telnet  and  Local 
Access 

»  Dual  15  or  20  Amp  Power  Inputs 

•  Power-Up  Sequencing 

•  Outlet  Specific  Passwords 

•  NEMA  or  IEC  Outlets 

«  4,  8,  and  16  Outlet  Models 

■  Vertical  and  Horizontal  Models 


Current  Load  Monitors 


■  Display  Current/Watts/Volts 
«  Dual  20  Amp  Circuits 

»  Measure  Individual  and  Aggregate 
Loads 

■  80%  Threshold  Alarm 

■  120-  208  VAC  Auto  Sensing 

■  Connect  to  PDUs  or  Reboot 
Switches 


western  telematic  incorporated 


(800)  854-7226  •  www.wti.com 

5  Sterling  •  Irvine  •  California  92618-2517 


Server  room 
climate  worries? 


Server  Room 
Climate  &  P°WER 
Monitoring 


Get  our 

free 

book. 
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E-mail  FreeBook@ITWatchDogs.com  with  your 
mailing  address  or  call  us  at  512-257-1462 


Chat™  j  50 
Chat™;  150 
MAX  Attach™!  IP 


OearOne 
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How  Do  You  Ensure 
Maximum  Uptime  for 
Your  Critical  Devices? 


With  Smart  Load  Shedding! 

Manage  individual  devices  based  on  Temperature, 
Current  Load  or  UPS  Power  Status 


i»i  ■ 


Should  the  temperature  or  load  current  exceed  defined  thresholds  or  the 
UPS  lose  power  and  go  onto  battery  all  or  a  portion  of  the  load  can  be 
automatically  shed  to  ensure  longer  operational  life  of  your  critical  devices! 


>  Integral  Web  Based  GUI:  Easy-to  use, 
secure  configuration  tool 

>  Remote  Shutdown  Agent:  Graceful  server 
shut  down  and  restart 

>  Event  Notification:  SNMP  arid  Email 


alerts 

■  UPS  Types:  All  Major  UPS  manufat  turers 
supported 

■  Auto-recovery:  When  conditions  return 
to  normal 


Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 


Server  Technology,  Inc. 


1040  Sandhill  Drive 
Reno,  NV  89521 
USA 

www.5ervertech.com 
www.serverl  echbloq.corn 


ti  -*1.800.835.1515 
tel  +1. 775,284,2000 
fax  + 1.775.284.2005 

sales@servertprh.com 


SENSAPHONE 
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Monitor  the  REST  of 
Your  Computer  Room! 


Physical  Security 
Video 

Temperature 
Power  Problems 
Water  on  the  Floor 
Humidity 
Smoke  and  Fire 
And  much  more 


Instant  Notification  by  Phone  or  E-mail 
when  events  threaten  your  Infrastructure. 


Dealers  Wanted 

T  Contact  us  today  to  discuss  your  application 

www.ims-40OO.com  877-373-2700 
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Refurb  and  spam 

What  a  couple  of  weeks  it’s  been!  We’re 

having  the  kitchen  refurbished,  so  I  have 
plumbers,  builders  and  painters  waltzing 
in  and  out,  interrupting  me  every  five  minutes. 
I’m  keeping  the  aspirin  close  at  hand,  and  per¬ 
haps  the  added  stress  is  making  me  particular¬ 
ly  irritated  by  spam. 

For  a  very  short  while  spam  seemed  to 
become  less  annoying.  Sure,  I  was  getting  a 
handful  every  day  but  they  were  easy  to  deal  with.  Alas,  that  little  vaca¬ 
tion  was  far  too  brief,  and  spam  seems  to  have  come  back  with  a 
vengeance. 

Much  to  my  amusement,  1  still  get  relentless  messages  from  “Tonya”  at 
Cyberfoxes  (an  incredibly  silly  name),  who, 
after  who  knows  how  long,  is  still  offering  to 
“renew”  my  membership  to  her,  ahem,  service. 

I  keep  wondering  if  there’s  some  kind  of 
strategy  behind  this  ridiculous  pitch?  Perhaps 
it  is  something  cunning,  such  as  the  company 
1  heard  about  that  was  offering  some  kind  of  porn,  and  two  weeks  after 
getting  the  customer’s  money  would  write  back  saying  federal  regula¬ 
tions  prohibited  them  from  sending  the  material  by  post,  so  they  were 
enclosing  a  refund  check.  But  the  check  was  much  larger  than  usual, 
fluorescent  pink,  and  the  payee  was  a  concatenation  of  perversions 
that  1  can’t  list  in  a  nice  journal  such  as  this.The  company  counted  on 
the  fact  that  most  people  would  be  too  embarrassed  to  cash  the 
check.  But  I  digress. 

One  thing  I  am  seeing  now  is  a  lot  more  American  business  spam.  I’ve 
complained  before  about  this,  but  I  am  still  amazed  that  U.S.  companies 
that  should  know  better  will  subscribe  me  to  their  stream  of  inchoate 


headaches 

marketing  drivel  about  products  or  services  simply  because  they  can. 

More  aggravating  are  the  companies  that  send  you  ads  over  and  over 
again.  I’ve  talked  with  many  companies  that  were  naive  and  didn’t 
understand  the  issues  involved,  but  there  are  a  few  out  there  that  sim¬ 
ply  don’t  want  to  play  by  the  rules. 

One  company  in  this  category  is  Pixelfish,  which  offers  to  produce 
video  for  Web  sites.  Since  the  first  of  this  year,  it  has  spammed  me  1 1 
times  with  messages  that  aren’t  CAN  SPAM-compliant.  I  have  followed 
the  unsubscribe  instructions,  and  I  have  sent  the  company  messages. 
Will  they  take  me  off  the  list?  Nope. 

I  was  curious  as  to  whether  Pixelfish  simply  didn’t  understand  the 
issues  of  spam,  so  I  e-mailed  Dave  Brewer,  the  name  on  the  last  spam 
I  got,  and  the  CEO,  John  McIntyre,  and  got  no  reply.  Out  of  curiosity,  I 

telephoned  and  spoke  to  Brewer,  who  was 
rude  and  then  hung  up  on  me. 

Now  I  know  that  I  can  just  delete  Pixelfish 
spam  when  I  get  it,  or  even  block  the  compa¬ 
ny  altogether,  and  if  it  was  the  only  U.S.  compa¬ 
ny  doing  this  sort  of  thing,  it  would  be  no  big 
deal. The  trouble  is  it  isn’t,  and  it  is  a  big  deal. 

Here’s  my  question:  What  do  we  do  about  companies  that  1)  not  only 
don’t  care,  but  2)  are  willing  to  be  downright  aggressive  about  not  car¬ 
ing?  I  don’t  think  son  of  CAN  SPAM  is  the  answer,  simply  because 
enforceability  is  impossible. 

I  don’t  know  the  answer,  but  I  know  that  ignoring  the  problem  isn’t 
the  right  approach.  Now  please  excuse  me;  the  plumber  has  a  ques¬ 
tion,  and  I  need  more  aspirin. 

Gibbs  is  self-medicating  in  Ventura,  Calif.  You  can  contact  him  at 
mgibbs@gibbs.com  as  long  as  you  're  not  spamming. 
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Mark  Gibbs 


The  one  thing  I  am  seeing  is  a 
lot  more  business  spam. 


E-cards:  I  delete  them  all  unopened  . . .  You? 

s 


end  me  an  e-mail,  and  chances  are  you’ll 
get  a  reply  . . .  Send  me  an  e-card,  howev¬ 
er,  and  don’t  hold  your  breath. 

I  don’t  open  them  —  ever  —  and  if  an 
unscientific  survey  of  my  colleagues  is  any 
indication,!  am  far  from  alone  in  this  delete- 
NETBUZZ  on-sight  detachment  from  these  ubiquitous 

Npws  Insights  ndriitiPs  electronic  annoyances.  A  few  co-workers 
— open  e-cards  selectively  and  gingerly;  most  do 

not  at  all. 

The  matter  percolated  to  the  surface  recently  when  Symantec 
released  its  latest  “State  of  Spam”  report  that  included  this  nugget: 
“Greeting  card  spam  remains  a  spammer  favorite.  Symantec  saw 
over  250  million  of  these  spam  messages  being  targeted  towards  a 
sample  set  of  customers  in  July’ 

Seems  as  if  at  least  two  or  three  a  day  make  it  by  our  spam  filters. 

(No  word  of  a  lie:  Three  have  popped  into  my  in-box  since  I’ve  begun 
been  writing  this  item.)  . . .  Delete,  delete  . . .  delete.  Not  so  much  as  a 
moment’s  thought. 

One  reason  that  I’ve  unilaterally  stopped  opening  them:  I  receive  so 
many  that  are  obviously  spam  that  1  do  not  consider  it  worth  my  time 
to  attempt  to  differentiate  between  those  that  are  spam  and  the  one  in 
100  that  might  actually  be  from  someone  I  know. The  cost  simply  out¬ 
weighs  the  benefit. 

And  I  reach  this  state  knowing  that  it  carries  a  small  risk,  too,  as  a 
colleague  just  mentioned  that  he  recently  deleted  without  thought  an 
e-card  that  carried  a  legitimate  invitation  and  the  person  so  ignored 
expressed  a  degree  of  pique  over  the  perceived  slight. 

Tough  petunias,  I  say;  use  a  form  of  communication  that  doesn’t 
require  the  recipient  to  play  detective  before  opening. 

Frankly  it’s  a  wonder  anybody  opens  these  things  given  the  preva¬ 


lence  of  headlines  such  as  these,  culled  from  just  the  first  page  of 
results  on  Google  News  for  a  search  on  “e-cards”:  Not  quite  a  Hallmark 
moment:  E-cards  sent  by  identity  thieves;  Fake  e-cards  signal  massive 
DDoS  attack;  New  Computer  Scam  Involves  Bogus  E-Cards;  and,  E- 
Cards  Deliver  New  Internet  Danger. 

I  sent  e-mail  inquiries  to  a  half-dozen  companies  that  market  e-cards 
—  including  Hallmark  and  Yahoo  —  asking  for  comment  about  the 
impact  spam  and  virus  threats  are  having  on  their  e-card  customers 
and  e-card  franchises. 

Haven’t  heard  a  word  in  reply . . .  Perhaps  they  didn’t  dare  open  my  e- 
mail. 

If  you  have  something  to  say  about  it  or  would  like  to  vote  in  our 
“Do  you  open  E-cards?”  poll,  visit  Buzzblog  at  www.nwdocfinder 
.com/1275. 

Verizon  fights  fire  with  a  smokescreen 

What  started  with  a  minor  fire  at  a  home  in  Needham,  Mass.,  on 
Aug.  8  last  week  careened  into  a  full-scale  donnybrook  between 
Buzz  and  Verizon,  whose  service  technician  started  the  whole  thing 
by  drilling  into  an  electrical  main.  We  had  Verizon  PR  people  posting 
to  Buzzblog  and  denying  there  was  any  fire  ...  or  even  smoke.  We 
had  fire  officials  calling  Verizon  all  wet  and  an  eye-witnesses  describ¬ 
ing  “billowing  smoke.”  We  even  had  a  Verizon  VP  using  a  company 
blog  to  accuse  little  ol’  me  of  trying  to  “take  down”  the  multibillion- 
dollar  telecommunications  behemoth. 

Can’t  remember  the  last  time  I  got  paid  for  having  so  much  fun.  If 
you’d  like  to  catch  up  on  the  details  and  weigh  in,  try  this  Buzzblog 
item  and  start  bouncing  around  the  links:  www.nwdocfinder 
.com/1276. 

Or  fire  off  an  e-mail  to  buzz@nww.com. 
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